Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-09 Thread Manoj Srivastava
On Mon, 09 Apr 2007 11:07:09 +0200, Vincent Danjean <[EMAIL PROTECTED]> said: 

> Manoj Srivastava a écrit :
>> Again, not a devotee problem.

> Just for information, I get an error message when voting with icedove
> and the enigmail extension (see the text at the end of the message).
> The error was not clear at all for me. All I did was to clic on the
> "encryption" and "sign" icons.

Working patches for improved error messages gladly accepted.

> First error message (encrypted and signed from IceDove without
> selecting "Use PGP/MIME for this message"):

>   This is an error report about your vote [record msg00675.raw]
>  for the vote "Debian Project Leader 2007 Election Statistics" sent in
>  on Fri, 06 Apr 2007 15:17:24 +0200, with the subject "Re: Second call
>  for votes for the debian project leader election 2007" The message ID
>  is <[EMAIL PROTECTED]>.  The folowing errors were reported:
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> There was a problem verifying the signature on the ballot.  FAILURE:
>  Reason: MIME::Parser: couldn't open
>  /org/vote.debian.org/data/leader2007/body/msg00675.body: No such file
>  or directory at /usr/share/perl5/MIME/Parser.pm line 1174.

> The ballot decrypted correctly, but was not signed So this means that
> eithe the ballot was not signed at all or that it uses RFC 1847
> Encapsulation, where the ballot is first signed as a
> multipart/signature body, and then encrypted to form the final
> multipart/encrypted body -- but something went wrong in verifying the
> signature.  In either case, the ballot is being rejected.

In this case, the ballot was first signed as a
 multipart/signature body, and then encrypted to form the final
 multipart/encrypted body -- but something went wrong in verifying the
 signature.

The mail gave verbose logging of all the errors that happened
 during processing, along with  a human parseable probable explanation.

manoj
-- 
The fancy is indeed no other than a mode of memory emancipated from the
order of space and time.  -- Samuel Taylor Coleridge
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-09 Thread Vincent Danjean
Manoj Srivastava a écrit :
> Again, not a devotee problem.

Just for information, I get an error message when voting with
icedove and the enigmail extension (see the text at the end of
the message).
The error was not clear at all for me. All I did was to clic on
the "encryption" and "sign" icons.

I tried with only "sign" but it fails again. In this case, I
understand the error message:
gpg: invalid dash escaped line: -=3D-=3D-=3D-=3D-=3D-=3D-=3D-\n
But I understand it only because I read other mails here and
see that there can be some problems with encoding
(quoted-printable).

The 'solution' comes again from mails of this list talking about
PGP/MIME. In the 'OpenPGP' menu of IceDove, they was an entry
with 'Use PGP/MIME for this message'. Clicking on it and clicking
on the "encryption" and "sign" icons make my vote accepted.

  I think I understand why my first and second vote have been
rejected now, but I still find the error messages not useful at all:
without these threads on debian-devel, I would have be unable to
understand the problems and to find a way to send a good vote.

  Best regards,
Vincent Danjean



First error message (encrypted and signed from IceDove without
selecting "Use PGP/MIME for this message"):

This is an error report about your vote [record msg00675.raw]
 for the vote
 "Debian Project Leader 2007 Election Statistics"
 sent in on Fri, 06 Apr 2007 15:17:24 +0200, with the subject
 "Re: Second call for votes for the debian project leader election
 2007"
 The message ID is <[EMAIL PROTECTED]>.
 The folowing errors were reported:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
There was a problem verifying the signature on the ballot.
FAILURE:
 Reason: MIME::Parser: couldn't open 
/org/vote.debian.org/data/leader2007/body/msg00675.body: No such file or 
directory at /usr/share/perl5/MIME/Parser.pm line 1174.


The ballot decrypted correctly, but was not signed
So this means that eithe the ballot was not signed at all
or that it uses RFC 1847 Encapsulation, where the ballot
is first signed as a multipart/signature body, and then
encrypted to form the final multipart/encrypted body --
but something went wrong in verifying the signature.
In either case, the ballot is being rejected.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
gpg: WARNING: unsafe permissions on homedir 
`/org/vote.debian.org/data/leader2007'
gpg: CRC error; 406C8D - DC3406
gpg: encrypted_mdc packet with unknown version 255
gpg: quoted printable character in armor - probably a buggy MTA has been used
[GNUPG:] NODATA 
3-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

This ballot is being rejected.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-04 Thread Michal Čihař
Hi

On Wed, 04 Apr 2007 02:21:48 -0500
Manoj Srivastava <[EMAIL PROTECTED]> wrote:

> One of your ballots (msg00250) did pass the gpg check -- but
>  you must have voted with the same ballot, since devotee says:
>Failure: The signature on the message, though valid, has been seen
>before.  This could be a potential replay attack

I resent same mail only not encrypted, so this is quite correct. Thanks
for fixing this issue (especially when the only reject caused by this
seems to be mine).

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-04 Thread Manoj Srivastava
On Sun, 1 Apr 2007 22:02:18 +0200, Michal Čihař <[EMAIL PROTECTED]> said: 

> Maybe I read RFC 3156 wrong, but I think it says exactly what I
> sent:

> 6.1.  RFC 1847 Encapsulation

>In [2], it is stated that the data is first signed as a
>multipart/signature body, and then encrypted to form the final
>multipart/encrypted body.  This is most useful for standard MIME-
>compliant message forwarding.

No, you were quite correct; I had zone on RFC 1847
 Encapsulation while writing up dvt-gpg. Mind you, implementing this
 was icky, since this breaks the nice little work-flow where first we do
 mime decoding, and then gpg verifications; now devotee has to decrypt
 the mail message, note that there did not seem to be any signatures
 on the message, run the mime parser on the newly decrupted body, see
 if there are exactly two parts with the proper mime encoding, save
 the body and the signature, and then run gpg again over the new body
 and sig, and properly bubble up any errors at any stage of the
 processing.

No wonder people tried to warn me away from implementing my
 own mail handling and mime and gpg parsing when I started thinking
 about writing devotee.

I added all this icky code to devotee, and now devotee is
 indeed fully compliant with RFC 3156.

Anyway, there were 10 ballots which could have been affected,
 so I re-ran these ballots through devotee.

9 failed to verify the sig.

One of your ballots (msg00250) did pass the gpg check -- but
 you must have voted with the same ballot, since devotee says:
   Failure: The signature on the message, though valid, has been seen
   before.  This could be a potential replay attack

So, after all this, no rejected ballot has been accepted --
 and indeed, 9 of the 10 were correctly rejected in the first place.

But I'm happy to say that any RFC 3156 compliant message
 should now be correctly interpreted by devotee.

manoj
-- 
Authors (and perhaps columnists) eventually rise to the top of
whatever depths they were once able to plumb.  -- Stanley Kaufman
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Adrian von Bidder
On Sunday 01 April 2007 23:19, Henrique de Moraes Holschuh wrote:
> On Sun, 01 Apr 2007, Adrian von Bidder wrote:
> > IIRC signing subkeys are not accepted at package uploads, so maybe
> > that's what you were thinking about.
>
> AFAIK, they are.

Policy URLs are not accepted, that's what I was thinking about.  I use 
signing subkeys and usually a policy URL, so I just remembered that I have 
to take special steps before signing packages.  Sorry about the confusion.

cheers
-- vbi

-- 
You will be awarded some great honor.


pgpxvKOyqFFFP.pgp
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Pierre THIERRY
Scribit Steve Langasek dies 01/04/2007 hora 13:09:
> Hrm, is there really an RFC that specifies encryption before signing?

AFAIK, the RFC specifies how to build an encrypted MIME body and a
signed body. When you want both, you can either store a signed body in
the encrypted one, or an encrypted and signed PGP data as an encrypted
body...

> That would violate the expectation that people other than the intended
> recipient of the mail should not be able to verify the source.

Which provides you with repudiability for non-recipients, which can be
an expectation too.

Differently,
Pierre
-- 
[EMAIL PROTECTED]
OpenPGP 0xD9D50D8A


signature.asc
Description: Digital signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Henrique de Moraes Holschuh
On Sun, 01 Apr 2007, Adrian von Bidder wrote:
> IIRC signing subkeys are not accepted at package uploads, so maybe that's 
> what you were thinking about.

AFAIK, they are.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Steve Langasek
On Sun, Apr 01, 2007 at 01:04:12PM -0500, Manoj Srivastava wrote:
> On Sun, 1 Apr 2007 18:11:38 +0200, Michal Čihař <[EMAIL PROTECTED]> said: 

> > Hello On Fri, 30 Mar 2007 11:02:49 -0500
> > Manoj Srivastava <[EMAIL PROTECTED]> wrote:

> >> It turns out that it was indeed encrypted, but the message was not
> >> signed; which means there is no information about who is sending
> >> the ballot. This is a legitimate addition to the ballot; I'll point
> >> it out in the next CFV.

> > It of course was signed,

> No, it was not. The body of the encrypted but not signed email
>  contained a signed vote, but the email itself was not signed.

Hrm, is there really an RFC that specifies encryption before signing?  That
would violate the expectation that people other than the intended recipient
of the mail should not be able to verify the source.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Michal Čihař
Hi

On Sun, 01 Apr 2007 13:04:12 -0500
Manoj Srivastava <[EMAIL PROTECTED]> wrote:

> This is the most creative and weird action I have seen in the
>  last few elections.
> 
> You send an encrypted mail, which was not itself signed. This
>  caused the vote to be rejected. Now, the body of the mail, once you
>  decrypted it, did contain a signed vote -- but this is too late,
>  since the outer mail was not signed, nothing processed the decrypted
>  body.
> 
> And no, you do not need to send in inline PGP when encrypting
>  ballots;  you can send a signed *AND* encrypted RFC 3156 mail
>  message.

Maybe I read RFC 3156 wrong, but I think it says exactly what I sent:

6.1.  RFC 1847 Encapsulation

   In [2], it is stated that the data is first signed as a
   multipart/signature body, and then encrypted to form the final
   multipart/encrypted body.  This is most useful for standard MIME-
   compliant message forwarding.

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Manoj Srivastava
On Sun, 1 Apr 2007 18:11:38 +0200, Michal Čihař <[EMAIL PROTECTED]> said: 

> Hello On Fri, 30 Mar 2007 11:02:49 -0500
> Manoj Srivastava <[EMAIL PROTECTED]> wrote:

>> It turns out that it was indeed encrypted, but the message was not
>> signed; which means there is no information about who is sending
>> the ballot. This is a legitimate addition to the ballot; I'll point
>> it out in the next CFV.

> It of course was signed,

No, it was not. The body of the encrypted but not signed email
 contained a signed vote, but the email itself was not signed.

> I simply don't know what went wrong, but it seems that something
> fooled script which is handling votes (signature won't verify,
> because I deleted the votes):

I do know what went wrong.

This is the most creative and weird action I have seen in the
 last few elections.

You send an encrypted mail, which was not itself signed. This
 caused the vote to be rejected. Now, the body of the mail, once you
 decrypted it, did contain a signed vote -- but this is too late,
 since the outer mail was not signed, nothing processed the decrypted
 body.

And no, you do not need to send in inline PGP when encrypting
 ballots;  you can send a signed *AND* encrypted RFC 3156 mail
 message.

manoj
-- 
Successful and fortunate crime is called virtue. Seneca
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Michal Čihař
Hello

On Sun, 1 Apr 2007 18:15:40 +0200
"Steinar H. Gunderson" <[EMAIL PROTECTED]> wrote:

> On Sun, Apr 01, 2007 at 06:11:38PM +0200, Michal Čihař wrote:
> > It of course was signed, I simply don't know what went wrong, but it
> > seems that something fooled script which is handling votes (signature 
> > won't verify, because I deleted the votes):
> 
> You had your message signed, then put the signature into a separate MIME
> part and then finally encrypted the whole kaboodle? Does that make any sense?

Well it did Claws mail for me and I didn't investigate this. I also
didn't have problem with signed and encrypted mails so far. And why it
wouldn't make sense? Or I have to use inline PGP when encrypting?

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Steinar H. Gunderson
On Sun, Apr 01, 2007 at 06:11:38PM +0200, Michal Čihař wrote:
> It of course was signed, I simply don't know what went wrong, but it
> seems that something fooled script which is handling votes (signature 
> won't verify, because I deleted the votes):

You had your message signed, then put the signature into a separate MIME
part and then finally encrypted the whole kaboodle? Does that make any sense?

/* Steinar */
- who obviously does not know PGP/MIME very well
-- 
Homepage: http://www.sesse.net/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-04-01 Thread Michal Čihař
Hello

On Fri, 30 Mar 2007 11:02:49 -0500
Manoj Srivastava <[EMAIL PROTECTED]> wrote:

> It turns out that it was indeed encrypted, but the message was
>  not signed; which means there is no information about who is sending
>  the ballot. This is a legitimate addition to the ballot; I'll point
>  it out in the next CFV.

It of course was signed, I simply don't know what went wrong, but it
seems that something fooled script which is handling votes (signature 
won't verify, because I deleted the votes):

[EMAIL PROTECTED]:/tmp/vote$ gpg --decrypt mail > decrypted

You need a passphrase to unlock the secret key for
user: "Michal Čihař <[EMAIL PROTECTED]>"
2048-bit ELG-E key, ID 05C78623, created 2004-01-10 (main key ID 36E75604)

gpg: encrypted with ELG-E key, ID 43C42E9B
gpg: encrypted with 2048-bit ELG-E key, ID 05C78623, created 2004-01-10
  "Michal Čihař <[EMAIL PROTECTED]>"
[EMAIL PROTECTED]:/tmp/vote$ cat decrypted 
Content-Type: multipart/signed; boundary=Sig_RW14tDhEezNYBYqzBFPkcVG;
 protocol="application/pgp-signature"; micalg=PGP-SHA1

--Sig_RW14tDhEezNYBYqzBFPkcVG
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

> - - -=3D-=3D-=3D-=3D-=3D- Don't Delete Anything Between These Lines =3D-=
=3D-=3D-=3D-=3D-=3D-=3D-=3D-
> e0acebd2-71f1-4df8-ae4d-50355ad7aa81
> [   ] Choice 1: Wouter Verhelst
> [   ] Choice 2: Aigars Mahinovs
> [   ] Choice 3: Gustavo Franco
> [   ] Choice 4: Sam Hocevar
> [   ] Choice 5: Steve McIntyre
> [   ] Choice 6: Rapha=C3=ABl Hertzog
> [   ] Choice 7: Anthony Towns
> [   ] Choice 8: Simon Richter
> [   ] Choice 9: None Of The Above
> - - -=3D-=3D-=3D-=3D-=3D- Don't Delete Anything Between These Lines =3D-=
=3D-=3D-=3D-=3D-=3D-=3D-=3D-

--=20
Michal =C4=8Ciha=C5=99 | http://cihar.com | http://blog.cihar.com

--Sig_RW14tDhEezNYBYqzBFPkcVG
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGCMIx3DVS6DbnVgQRAtJlAKDoXjrx49GJ2zTSP1PZt2CVcpo6fACglVXk
VMIjrLiaxHRdJj3wHqjGjDU=
=JGT1
-END PGP SIGNATURE-

--Sig_RW14tDhEezNYBYqzBFPkcVG--


-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: Second call for votes for the debian project leader election 2007

2007-03-31 Thread Adrian von Bidder
On Friday 30 March 2007 08.47:53 Manoj Srivastava wrote:
> > OK, so please take this honest.
>
>         I don't think I have ever been dishonest about it. Amused,
>  perhaps, dishonest, no.

Language issue.  s/honest/serious/  

Admittedly, I'm guessing.

cheers
-- vbi


-- 
The young lady had an unusual list,
Linked in part to a structural weakness.
She set no preconditions.


pgpHGnBVeTojA.pgp
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-31 Thread Adrian von Bidder
On Thursday 29 March 2007 06.24:52 Henrique de Moraes Holschuh wrote:
> On Wed, 28 Mar 2007, Manoj Srivastava wrote:
> > On Wed, 28 Mar 2007 12:52:33 -0300, Henrique de Moraes Holschuh
> >
> > <[EMAIL PROTECTED]> said:
> > > You do not handle signing subkeys?
> >
> > What makes you think that?  Any key that is used needs to be
> >  in the debian keyring, is all.
>
> I just checked, and yes, subkeys are handled just fine.  Sorry about the
> confusion.

IIRC signing subkeys are not accepted at package uploads, so maybe that's 
what you were thinking about.

cheers
-- vbi



-- 
Today is Sweetmorn, the 18th day of Discord in the YOLD 3173


pgp4Wqhb91miP.pgp
Description: PGP signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-30 Thread Manoj Srivastava
On Fri, 30 Mar 2007 11:02:49 -0500, Manoj Srivastava <[EMAIL PROTECTED]> said: 

> On Fri, 30 Mar 2007 09:23:38 +0200, Michal Čihař <[EMAIL PROTECTED]>
> said:
>> Hi On Thu, 29 Mar 2007 21:23:28 +0200
>> Kurt Roeckx <[EMAIL PROTECTED]> wrote:

>>> If you encrypt to yourself, how is the voting system supposed to
>>> decrypt it?

>> It was encrypted for two keys, both of them can decrypt it.

> It turns out that it was indeed encrypted, but the message
> was
>  not signed; which means there is no information about who is
>  sending the ballot. This is a legitimate addition to the ballot;
>  I'll point it out in the next CFV.

Hmm. Turns out, that ballot already mentioned that "you may, if
 you wish, choose to send a signed, encrypted ballot".   The operative
 word is "signed", which the ballot in question was not.

manoj
-- 
No matter how good she looks, some other guy is sick and tired of
putting up with her shit.  Men's Room, Linda's Bar and Grill.  Chapel
Hill, North Carolina.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-30 Thread Manoj Srivastava
On Fri, 30 Mar 2007 09:23:38 +0200, Michal Čihař <[EMAIL PROTECTED]> said: 

> Hi On Thu, 29 Mar 2007 21:23:28 +0200
> Kurt Roeckx <[EMAIL PROTECTED]> wrote:

>> If you encrypt to yourself, how is the voting system supposed to
>> decrypt it?

> It was encrypted for two keys, both of them can decrypt it.

It turns out that it was indeed encrypted, but the message was
 not signed; which means there is no information about who is sending
 the ballot. This is a legitimate addition to the ballot; I'll point
 it out in the next CFV.

manoj
-- 
Time will end all my troubles, but I don't always approve of Time's
methods.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-29 Thread Michal Čihař
Hi

On Thu, 29 Mar 2007 21:23:28 +0200
Kurt Roeckx <[EMAIL PROTECTED]> wrote:

> If you encrypt to yourself, how is the voting system supposed to decrypt
> it?

It was encrypted for two keys, both of them can decrypt it.

> You also encrypted to the key that was generated for this vote, which
> looks good.  Did you encrypt it twice or something?

Yes, this is way I send out all encrypted mails so that I can read them
in Sent mail:

gpg --encrypt -a --recipient [EMAIL PROTECTED] --encrypt-to
DC3552E836E75604

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Manoj Srivastava
On Fri, 30 Mar 2007 08:23:10 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Fri, 30 Mar 2007, Manoj Srivastava wrote:
>> On Fri, 30 Mar 2007 07:10:53 +0200 (CEST), Andreas Tille
>> <[EMAIL PROTECTED]> said:
>> 
>>> On Thu, 29 Mar 2007, Manoj Srivastava wrote:

>> Sure, we have a problem.

> OK, so please take this honest.

I don't think I have ever been dishonest about it. Amused,
 perhaps, dishonest, no.

>> Far too many people are using MUAs that seem incapable of following
>> standards. I fail to see what I can do to fix it, apart from
>> telling people: USE STANDARDS COMPLIANT MAILERS.

> But you didn't say *how*.

How do you use the standards compliant mailer? Look to its
 documentation, I suppose.  Why do you expect me to be able to tell
 you how to use mailers out there?

> Even the hint to mailx you gave me in private mail did not work in
> every case.

It was a hint. Evidently, some MTA in between helpfully
 mangled your mail.  Now, I am not a expert in all the different MUAs
 out there, nor do I have any desire to  become one.

> I have no idea whether mailx is standards compliant or not, but my
> attempts to use it failed while others were successful.

Good for you. Every one should figure out whichever mailer
 they want to use.

>> There. Satisfied?

> No.

Ah, well. At least I tried.

>> If you want to be pedantic about it, ballots need to be either:
>> a) Mail messages compliant with RFC 2015 (issued in 1996), and
>> updated by RFC 3156, or, if not using MIME,
>> b) An unmangled RFC 2440 complaint OpenPGP message as the body

> Well beeing pedantig means missing real live.

If by real life you mean a life where people do not know how
 to send signed mail,  well, I suppose people need to learn how to
 send mail, really, in order to best survive in a distributed, mail
 based organization like debian.  And people should not expect to have
 their hands held while they learn how to send mail.

> What currently happens is another form of ignoring real live.  If it

Yes, I have no desire to face the real life where my supposed
 peers can't send mail; at least, I have no desire to teach them how
 to send mail.


> is a known fact that people are happy using MUAs that do not fit a)
> and b) for every day work and do not face problems except when
> sending a ballot to vote I would regard it as practical inacceptable
> even if theoretical correct.  (This would be not the first case
> where theoretical correct thinks do not work perfectly in real
> live.)

In order to vote, you need to send in a signed ballot. If your
 real life does not require you to send  cryptographically signed
 materiel, where the integrity of the signatures matter, then I
 suppose you can get away with using broken mailers. But Debian voting
 has always relied on signed ballots sent via mail. It so happens that
 the ballots have incidentally not contained accented characters so
 far -- but that was mere happenstance.


>> Well, sorry, but I do find that it, umm, tickles my funny bone to
>> see in LWN, no less, a tongue in cheek article about the difficulty
>> people are having just sending singed email.  I promisre to try to
>> be more sober in the future.

> I assume it is just me that I'm unable to explain you the point of
> my previous mails.  You are obviousely missing it continuosely.  So
> this is my last attempt.

Well, I have tried to see your point, but I have obviously
 failed.  As far as I can see, you seem to think I need to coach
 people about how to send mail -- either encrypted mail, or PGP/MIME
 mail, both of which are covered in excruciating detail in standards,
 and I even posted a list of mail clients that can deliver this.

I have no desire to hand hold people and teach them how ti
 send mail (or type, for that matter). You, apparently, seem to think
 I have some such obligation.  I beg to differ.

I am pretty sure if people ask on the mailing list, they'll
 find some people willing to teach them how to use mail.  This is not
 an chore I fancy, is all.

manoj
-- 
Chaos is King and Magic is loose in the world.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Andreas Tille

On Fri, 30 Mar 2007, Manoj Srivastava wrote:


On Fri, 30 Mar 2007 07:10:53 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said:


On Thu, 29 Mar 2007, Manoj Srivastava wrote:

...  In order to type the letter "a", look on the keyboard (ask
someone ...



Manoj, the answer you gave here does not fit the statistics you


   I have no idea what this means.  What does my answer have to
do with the statistics posted?


I started the thread on this list with this mail.

   http://lists.debian.org/debian-devel/2007/03/msg00736.html


   Sure, we have a problem.


OK, so please take this honest.


Far too many people are using MUAs
that seem incapable  of following standards. I fail to see what I can
do to fix it, apart from telling people: USE STANDARDS COMPLIANT
MAILERS.


But you didn't say *how*.  Even the hint to mailx you gave me in private
mail did not work in every case.  I have no idea whether mailx is standards
compliant or not, but my attempts to use it failed while others were
successful.


   There. Satisfied?


No.


   If you want to be pedantic about it, ballots need to be either:
a) Mail messages compliant with RFC 2015 (issued in 1996), and
   updated by RFC 3156, or, if not using MIME,
b) An unmangled RFC 2440 complaint OpenPGP message as the body


Well beeing pedantig means missing real live.  What currently happens
is another form of ignoring real live.  If it is a known fact that people
are happy using MUAs that do not fit a) and b) for every day work and
do not face problems except when sending a ballot to vote I would
regard it as practical inacceptable even if theoretical correct.  (This
would be not the first case where theoretical correct thinks do not
work perfectly in real live.)


   Well, sorry, but I do find that it, umm,  tickles my funny
bone to see in LWN, no less,  a tongue in cheek article about the
difficulty people are having just sending singed email.  I promisre
to try to be more sober in the future.


I assume it is just me that I'm unable to explain you the point of my
previous mails.  You are obviousely missing it continuosely.  So this
is my last attempt.

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Manoj Srivastava
On Fri, 30 Mar 2007 07:10:53 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Thu, 29 Mar 2007, Manoj Srivastava wrote:
>> ...  In order to type the letter "a", look on the keyboard (ask
>> someone ...

> Manoj, the answer you gave here does not fit the statistics you

I have no idea what this means.  What does my answer have to
 do with the statistics posted?

> posted.  The statistics do show a problem and I'm a little bit

Sure, we have a problem. Far too many people are using MUAs
 that seem incapable  of following standards. I fail to see what I can
 do to fix it, apart from telling people: USE STANDARDS COMPLIANT
 MAILERS.

There. Satisfied?

If you want to be pedantic about it, ballots need to be either:
 a) Mail messages compliant with RFC 2015 (issued in 1996), and
updated by RFC 3156, or, if not using MIME,
 b) An unmangled RFC 2440 complaint OpenPGP message as the body

How you do that is entirely up to you -- I would not presume
 to tell my peers how to send mail, after all. However, the following
 page, though outdated, does seem to be of interest:
http://www.bretschneidernet.de/tips/secmua.html

> frustrated that you seem to make fun of it.

Well, sorry, but I do find that it, umm,  tickles my funny
 bone to see in LWN, no less,  a tongue in cheek article about the
 difficulty people are having just sending singed email.  I promisre
 to try to be more sober in the future.

manoj
-- 
Monogamy is the Western custom of one wife and hardly any
mistresses. H.H. Munro
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Andreas Tille

On Thu, 29 Mar 2007, Manoj Srivastava wrote:


...
  In order to type the letter "a", look on the keyboard (ask someone
...


Manoj, the answer you gave here does not fit the statistics you posted.
The statistics do show a problem and I'm a little bit frustrated that
you seem to make fun of it.

Kind regards

  Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Roberto C . Sánchez
On Fri, Mar 30, 2007 at 01:35:52AM +0300, Guillem Jover wrote:
> 
> You might want to use ^K from inside mutt, instead.
> 
Does that work if the key is attached or only for retrieving from a key
server when a mail has been signed with a key not already in your key
ring?

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com


signature.asc
Description: Digital signature


Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Guillem Jover
On Thu, 2007-03-29 at 10:28:34 -0600, Oleksandr Moskalenko wrote:
> It is really this simple to do using mutt.
> 
> 1. To encrypt the vote you need to have the key. It could be accomplished in
> several ways. They way I did it was by copying
> 
> from the call for votes email into a file such as foo.txt and running
> 
> $gpg --import foo.txt

You might want to use ^K from inside mutt, instead.

regards,
guillem


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-29 Thread Oleksandr Moskalenko
* Kurt Roeckx <[EMAIL PROTECTED]> [2007-03-29 21:23:28 +0200]:

> On Thu, Mar 29, 2007 at 10:00:19AM +0200, Michal ?iha? wrote:
> > Hi
> > > 
> > > __> gpg --homedir=.  --keyring debian-keyring.gpg --keyring 
> > > debian-keyring.pgp --with-colons --list-keys 0x05C78623
> > > pub:-:1024:17:DC3552E836E75604:2004-01-10:::-:Michal ?x8ciha?x99 <[EMAIL 
> > > PROTECTED]>::scESC:
> [...]
> > > 
> > > See? Don't sign with a key that is not in the debian keyring
> > >  yet.
> 
> DC3552E836E75604 seems to be in the keyring to me.
> 
> > I really don't get which key is not there. I signed with my same key,
> > which worked for unencrypted voting and which worked on previous GR
> > vote. I was really not able to decode what went wrong from message I
> > got, it seems to complain about missing secret key for my key, which
> > is okay. Does encrypt to self break voting?
> 
> If you encrypt to yourself, how is the voting system supposed to decrypt
> it?
> 
> You also encrypted to the key that was generated for this vote, which
> looks good.  Did you encrypt it twice or something?
> 
> 
> Kurt

He likely ran $gpg --encrypt foo, which by default encrypts with your own key
as well.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-29 Thread Kurt Roeckx
On Thu, Mar 29, 2007 at 10:00:19AM +0200, Michal ?iha? wrote:
> Hi
> > 
> > __> gpg --homedir=.  --keyring debian-keyring.gpg --keyring 
> > debian-keyring.pgp --with-colons --list-keys 0x05C78623
> > pub:-:1024:17:DC3552E836E75604:2004-01-10:::-:Michal ?x8ciha?x99 <[EMAIL 
> > PROTECTED]>::scESC:
[...]
> > 
> > See? Don't sign with a key that is not in the debian keyring
> >  yet.

DC3552E836E75604 seems to be in the keyring to me.

> I really don't get which key is not there. I signed with my same key,
> which worked for unencrypted voting and which worked on previous GR
> vote. I was really not able to decode what went wrong from message I
> got, it seems to complain about missing secret key for my key, which
> is okay. Does encrypt to self break voting?

If you encrypt to yourself, how is the voting system supposed to decrypt
it?

You also encrypted to the key that was generated for this vote, which
looks good.  Did you encrypt it twice or something?


Kurt


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Oleksandr Moskalenko
* Manoj Srivastava <[EMAIL PROTECTED]> [2007-03-28 08:25:02 -0500]:

> I think your options are to send in an ascii armored encrypted
>  ballot, or use mutt or gnus to send a proper  PGP/MIME signed
>  ballot. Either should work.


It is really this simple to do using mutt.

1. To encrypt the vote you need to have the key. It could be accomplished in
several ways. They way I did it was by copying

-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1.4.6 (GNU/Linux)

mQGiBEXx4O0RBADVa0bVjdrVjNWuWDCKVzuF2w0g1OTuqAIwN0ITEFOhm01ciYs7
Esf0l5v+zSoEhtW6uvltMI8LPQ8M1BQMZX6EZH1jSvETcqjDc7qnQzegIBtVTU/r
NEKFm/BGS9D99Hh69sZL5QhtxAjvws9enxB0YXbI/Rwdb62DMw0yFKN8iwCgzUYb
5qurOX4g8XDP4BTktDWJA3UD/1Hnek2Ib5KHEpzwKA3isEaZlJtnzlPrLbMW792z
vXtWNMSpYuWKMKSMpvPHAn0FjkzCKiu1miXVJ38ZgBeiXgaANKcN1t85Rh6oLNgI
ZU6baCQKvcRjAXlH2S0F2AmG0dj26xdrkuDjHTgNQTLDqO2if7/DV/ObKHSXL2mo
x3c4A/0XyM1uDkZMk8rkXXrGr2B2x5vz0YTM0K8TSR34OwejEU678BvGaBQlPKSh
Hq5mkX7kYMBxKBJo0YYYq90k/M1qhYn9RpALNhb0JCv/Cz1x8MytK7XkwhFEDI6e
I+CdyaxPwrIh1SsN7NskotkiUkgkh+P0os2cwFAJiuZQixUx4rQ6RFBMIFZvdGUg
MjAwNyAoRXBoZW1lcmFsIEtleSkgPGxlYWRlcjIwMDdAdm90ZS5kZWJpYW4ub3Jn
PohmBBMRAgAmBQJF8eDtAhsDBQkAN18ABgsJCAcDAgQVAggDBBYCAwECHgECF4AA
CgkQfJ/HSOvzEXCzXgCeJZekWqxMVKNddy0XZBSbVmSp8wAAni9a45WVL0pTdp1V
uj6P7DqU9rmiiEYEEBECAAYFAkXx4hoACgkQIbrau78kQkyfSACffFJ8Vh96j6Os
aBW3IXWzlB8EMsYAoOCJ7fNjhYhTH5j2vkvPa01Nli8quQINBEXx4QQQCACPFiod
OMD/5a1w4oz/GHPGOSjH/E9Su8iwvvZPSYuMWYs3Ov+y5RxIdB6SCSE6pJRUeXbo
iMUaWi2MJacEw2uxNfnfDUqneQ1GU7mzqabH8a6twctEgEfwCQVSgoIuAPu4+AJW
b1W7W4WVUuQx+G5yvXnkNs6CtDyFIUgBwG8U97XYg0kMl2xKwkIrw5ieYiGYBj96
la7lfCgIZe1m85rIbyfGzkM4HyIg2RHiTgjr+/Cwo9qWmNcLSb/ftp/+m7csE58n
LHSKfI/0l1lLLz8PxLGy1CsiHJE6Zx06XkYQjnbfCHOYUkUi+97gXOhx0RjOjCs8
Zc+pzwhBkUBtD/oXAAMFB/9kojCdsktvfjwwifw3RnGo+N2nvChP6xC7nnPj+4Np
CMg9zPQiDHUHPF653yw6IYPg//CjHcne+d1Q9KFQKC/deZKD7iIzzfQiuNs25le6
eIeaf9Kk4xipdnSSPv7Hy/VhQgX+dLojMgiHlnRRN4+d3ONY0AS2zLd5uTOGO2UV
4yXNTeUkBqzSntKB3LYa/OnnM0ZyQXwCCRhHGQ82RHY8yLpthsxNIzu1upcuuCgJ
zQ8cemk73j0SNzs8WtqXKn1zhWC+jStxelgqYiqJpw/WY3zSFFrLCuv7q3hqtj0a
MPty70yXo7GHBEs0U5ZzMoj4eAOtF7Ll/3I+ISrYKIpbiE8EGBECAA8FAkXx4QQC
GwwFCQA3XwAACgkQfJ/HSOvzEXDPCACeJajzd72KqNffWt4cZCLNuIta5LMAoKfe
/wY3Eb8guVj0NmR1U+H2fhJx
=qZVb
-END PGP PUBLIC KEY BLOCK-

from the call for votes email into a file such as foo.txt and running

$gpg --import foo.txt

This will get the ephemeral voting key into your keyring.

2. To show that it's your vote you must sign the email. So, when you are
ready to forward the "call for votes" email that has your votes set to the
[EMAIL PROTECTED] address you hit "p" (to go into the gpg interface
in mutt) and then "b" for "both" i.e. sign and encrypt. Enter your passphrase
as asked and off you go.

Cheers,

Alex.

P.S.: I did have one vote rejection as I carelessly chose "e" for encrypt
instead of "b" for both in mutt the first time. Oh, well.



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Manoj Srivastava
On Thu, 29 Mar 2007 10:44:46 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Wed, 28 Mar 2007, Lars Wirzenius wrote:
>> On ke, 2007-03-28 at 14:57 +0200, Andreas Tille wrote:
>>> just want to give my vote and concentrate on the rankings I want
>>> to give and not learn about tools to submit my vote.
>> 
>>> From memory (my shell history isn't long enough), here's what I
>>> did:
>> 
>> 1. Copy ballot to text file (vote.txt).
>> 2. Edit it for my voting preference.
>> 3. Sign with gpg: gpg --clearsign vote.txt
>> 4. Send: mail -s vote < vote.txt.asc [EMAIL PROTECTED]
>> 
>> I work in a UTF-8 environment, in case that matters.

> Just for the record if someone tries to compile a HOW TO VOTE
> enhancement: The procedure above did not work for me (for reasons I
> do not understand).  But finally I was successful to "gpg --import"
> the key contained in the "call for votes" mail and send the vote
> encrypted.  This even worked with my "broken" mail client pine.  But
> perhaps it was just working because it was my seventh try to vote.

*Sigh*. Once you encrypt and ascii armor a ballot, there are
 no non-ascii characters in the body. Thus the MUA no longer has a
 need to mangle the body to protect it over potentially non-8-bit
 clean SMTP transport.

manoj
-- 
"I would give the Devil benefit of the law for my own safety's sake."
_A_Man_for_All_Seasons_ by Robert Bolt
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Manoj Srivastava
On Thu, 29 Mar 2007 09:21:00 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> Well, Manoj, the initial mail contains a paragraph called:

> HOW TO VOTE

The paragraph goes on to state that the way to vote is to send
 a signed or encrypted ballot to an vote.debian.org email
 address. That is all, really, that is needed.

The relevent RFCs are RFC 2440, and RFC 3156, and perhaps one
 should also look at RFC 2822.

I don't think I need to inform people on how to send
 mail. Indeed, the paragraph does not include details on how to type
 either:
   In order to type the letter "a", look on the keyboard (ask someone
   if you do not know what a keyboard is) for a key which has the
   symbol "A" on it. Using a finger, press on that key. If nothing
   happens, press harder. If done correctly, you should see "a" on the
   display. you press too long, you  might see more than one of these
   letters. In that case, you have to locate the backspace key "

No. These instructions are for my peers.

My peers.

I'll not insult the intelligence of the voters in general by
 presuming to instruct them in how to type or how to send email.

> You as the secretary has the job to organise voting and because I
> consider the paragraph as incomplete (regarding the statistics you
> posted in your last mail to d-d-a)

The secretary has to provide details on how the vote is to be
 sent in. 

> I think it is at least your turn to organise that this paragraph can
> be improved.  So IMHO it is not a question whether you *like* to
> scratch that itch, because you are finally responsible to enable
> voters to submit their votes flawlessly.

Rubbish. The voters are responsible for casting their
 votes. People need to stand up and take responsibility for
 their own actions without being spoon fed.

>  If broken software is around this is not your fault.

Seems that way, dunnit?

> But if it turns out in a certain point of time that this broken
> software is causing trouble in issues you are responsible for, you
> can not simply shift that task to somebody else.

I am not gonna go around fixing all kinds of broken MUA/MTA
 software out there, sorry,

I am also not going to spoon feed people and teach them typing
 or how to use a proper email client.

If you want instruction, I might offer teaching classes, but
 my rates are not the lowest out there.

manoj
 irritated
-- 
Art is a jealous mistress. Ralph Waldo Emerson
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-29 Thread Andreas Tille

On Wed, 28 Mar 2007, Lars Wirzenius wrote:


On ke, 2007-03-28 at 14:57 +0200, Andreas Tille wrote:

just want to give my vote and concentrate on the rankings I want to give
and not learn about tools to submit my vote.



From memory (my shell history isn't long enough), here's what I did:


1. Copy ballot to text file (vote.txt).
2. Edit it for my voting preference.
3. Sign with gpg: gpg --clearsign vote.txt
4. Send: mail -s vote < vote.txt.asc [EMAIL PROTECTED]

I work in a UTF-8 environment, in case that matters.


Just for the record if someone tries to compile a HOW TO VOTE
enhancement: The procedure above did not work for me (for reasons
I do not understand).  But finally I was successful to "gpg --import"
the key contained in the "call for votes" mail and send the
vote encrypted.  This even worked with my "broken" mail client
pine.  But perhaps it was just working because it was my seventh
try to vote.

Good luck

Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-29 Thread Michal Čihař
Hi

On Wed, 28 Mar 2007 07:52:38 -0500
Manoj Srivastava <[EMAIL PROTECTED]> wrote:

> This seems to indicate that the key was not in the keyring.
> > 2048-bit ELG-E key, ID 43C42E9B, created 2007-03-09
> 
> __> gpg --homedir=.  --keyring debian-keyring.gpg --keyring 
> debian-keyring.pgp --with-colons --list-keys 0x05C78623
> tru::1:1173480793:0:3:1:5
> pub:-:1024:17:DC3552E836E75604:2004-01-10:::-:Michal �x8ciha�x99 <[EMAIL 
> PROTECTED]>::scESC:
> uid:-2004-01-10::F480D937920614DA2771B2AC795928D40377D5D6::Michal 
> �x8ciha�x99 <[EMAIL PROTECTED]>:
> uid:-2005-06-24::116BDA5CF8D36EE8B1292D3E92D36255A5FB6B84::Michal 
> �x8ciha�x99 <[EMAIL PROTECTED]>:
> uid:r::D1EC97D564177B3B1353C10890FC7E2587E036F3::Michal �x8ciha�x99 
> <[EMAIL PROTECTED]>:
> uid:-2005-06-24::6688FC339BECDD0C786D57C010DAD2CA2556D79A::Michal 
> �x8ciha�x99 <[EMAIL PROTECTED]>:
> uid:-2004-01-17::D8B33E3CA038B007EDF62CD1A62B21074C7A989A::Michal 
> �x8ciha�x99 <[EMAIL PROTECTED]>:
> uid:-2007-03-14::CA412CA1B1E145B6CE7FABC55F4AC57FD8E6190F::Michal 
> �x8ciha�x99 <[EMAIL PROTECTED]>:
> sub:-:2048:16:6EFA5AE205C78623:2004-01-10::e:
> 
> 
> See? Don't sign with a key that is not in the debian keyring
>  yet.

I really don't get which key is not there. I signed with my same key,
which worked for unencrypted voting and which worked on previous GR
vote. I was really not able to decode what went wrong from message I
got, it seems to complain about missing secret key for my key, which
is okay. Does encrypt to self break voting?

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Andreas Tille

On Wed, 28 Mar 2007, Manoj Srivastava wrote:


3) do not accept DPLs with non-ASCI names. ;-))


Sure, if you think that is better than fixing broken MUAs.



I guess you missed the double smiley.


   Well, no. I think it is funny that one should consider
eliminating us pesky people with funny names, and stick to time
honored plain ascii MUAs.


I'm sorry that I missed the sense of humor that worked here in my
real live environment perfectly because here in Germany we have lots
of people with non-ASCII characters in their names constantly causing
trouble at different places.  I hereby declare officially that I
_never_ considered eleminating anybody from a list but tried to
applied some humor (marked as usual) that worked in other places.
(I'm really wondering whether the times of humor are over that
somebody causes me to write such text ... :-()


   4) Write a rock safe HowTo that enables DDs who are comfortable
  using of broken MUAs in their day to day live to vote.


   While this is not an itch I feel like scratrching,


Well, Manoj, the initial mail contains a paragraph called:

HOW TO VOTE

You as the secretary has the job to organise voting and because
I consider the paragraph as incomplete (regarding the statistics
you posted in your last mail to d-d-a) I think it is at least your
turn to organise that this paragraph can be improved.  So IMHO
it is not a question whether you *like* to scratch that itch,
because you are finally responsible to enable voters to submit
their votes flawlessly.  If broken software is around this is
not your fault.  But if it turns out in a certain point of time
that this broken software is causing trouble in issues you are
responsible for, you can not simply shift that task to somebody
else.


this might
be a good idea for those that do want to write something up.


After following the advise of Lars the result for me was

-

This is an error report about your vote [record msg00345.raw]
 for the vote
 "Debian Project Leader 2007 Election Statistics"
 sent in on Wed, 28 Mar 2007 15:19:41 +0200, with the subject
 "vote"
 The message ID is <[EMAIL PROTECTED]>.
 The folowing errors were reported:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
There was a problem verifying the signature on the ballot.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
gpg: WARNING: unsafe permissions on homedir 
`/org/vote.debian.org/data/leader2007'
gpg: invalid dash escaped line: -=3D-=3D-=3D-=3D-=3D-=3D-\n
gpg: invalid dash escaped line: -=3D-=3D-=3D-=3D-=3D-=3D-\n
gpg: CRC error; A96670 - DC3A96
gpg: no signature found
gpg: quoted printable character in armor - probably a buggy MTA has been used
gpg: verify signatures failed: eof
[GNUPG:] NODATA
4-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

This ballot is being rejected.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

--

After the sixth rejection mail I now try with encryption that has
some positive and some negative reports.  Well, we in Germany regard
seven as a number that brings luck ... :-(

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Henrique de Moraes Holschuh
On Wed, 28 Mar 2007, Manoj Srivastava wrote:
> On Wed, 28 Mar 2007 12:52:33 -0300, Henrique de Moraes Holschuh
> <[EMAIL PROTECTED]> said:  
> > You do not handle signing subkeys?
> 
> What makes you think that?  Any key that is used needs to be
>  in the debian keyring, is all.

I just checked, and yes, subkeys are handled just fine.  Sorry about the
confusion.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Steve Langasek
On Wed, Mar 28, 2007 at 03:28:04PM -0500, Manoj Srivastava wrote:
> On Wed, 28 Mar 2007 12:47:09 -0700, Russ Allbery <[EMAIL PROTECTED]> said: 

> > Probably part of the problem is that I haven't yet figured out the
> > correct way to do PGP/MIME in Gnus (mostly because I haven't looked
> > very hard).

> Here is what I use (I am using emacs23, but this should work
>  with the emacs-snapshot package in Etch as well)

s/Etch/Sid/; the emacs-snapshot package is not a release candidate.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 12:47:09 -0700, Russ Allbery <[EMAIL PROTECTED]> said: 

> Probably part of the problem is that I haven't yet figured out the
> correct way to do PGP/MIME in Gnus (mostly because I haven't looked
> very hard).

Here is what I use (I am using emacs23, but this should work
 with the emacs-snapshot package in Etch as well)
,[ Gnus and easypg ]
| ;; The package used for PGP/MIME.
| ;; Valid packages include `epg', `pgg', `gpg' and `mailcrypt'.
| (setq mml2015-use 'epg)
| ;; My key ids
| ;;(setq mml2015-signers  '("BF24424C" "C7261095"))
| (require 'epa-setup)
| (setq
|  mml2015-passphrase-cache-expiry 30   ;; in seconds
|  mml2015-verbose t
|  mml2015-encrypt-to-self t
|  )
| ;;; This was getting too annoying
| ;; (setq mm-verify-option 'known
| ;;   mm-decrypt-option 'known
| ;;   gnus-message-replysign t
| ;;   gnus-message-replyencrypt t)
| 
| ;; Use PGP/MIME by default. Look up mml-sign-alist
| (setq mml-default-sign-method "pgpmime"
|   mml-default-encrypt-method "pgpmime")
| ;; Convenience keystrokes
| (define-key message-mode-map [f7] 'mml-secure-sign-pgpmime)
| (define-key message-mode-map [f8] 'mml-secure-encrypt-pgpmime)
| ;;(define-key message-mode-map "\C-c\C-a" 'mail-interactive-insert-alias)
| 
| ;;; Obsolete, from when I used pgg
| (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t)
| (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t)
| (autoload 'pgg-sign-region "pgg""Sign the current region." t)
| (autoload 'pgg-verify-region "pgg"  "Verify the current region." t)
| (autoload 'pgg-insert-key "pgg" "Insert the ASCII armored public key." t)
| (autoload 'pgg-snarf-keys-region "pgg"
|   "Import public keys in the current region." t)
| (require 'pgg)
| (setq pgg-passphrase-cache-expiry 30
|   pgg-gpg-use-agent t)
| (setq crypt-confirm-password t
|   crypt-encoded-disable-auto-save t
|   crypt-no-extension-implies-plain t
|   ;  crypt-ignored-filenames ... ; this could be useful
|   )
| ;; gpg
| ;;
| (setq gpg-command-program "gpg" )
`

manoj
-- 
Avec!
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Russ Allbery
Manoj Srivastava <[EMAIL PROTECTED]> writes:

> The solution is to use a MYA that does properly do PGP/MIME --
>  or send in an encrypted ballot, which is base64 encoded, I think, and
>  should not trigger ther helpful MTA enroute.

I had to fall back on doing an encrypted ballot because I completely
failed Gnus.  No matter what I did to Gnus, it insisted on sending the
mail quoted-printable.  When I changed mm-body-charset-encoding-alist, it
still did quoted-printable.  When I explicitly tagged the body with mml to
use 8bit encoding, it inserted random control characters in the body.
There's clearly some setting that I missed, but I don't know what it is.

Sending an encrypted ballot worked fine.

Probably part of the problem is that I haven't yet figured out the correct
way to do PGP/MIME in Gnus (mostly because I haven't looked very hard).

-- 
Russ Allbery ([EMAIL PROTECTED])   


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 12:52:33 -0300, Henrique de Moraes Holschuh
<[EMAIL PROTECTED]> said:  

> On Wed, 28 Mar 2007, Manoj Srivastava wrote:
>> The issue there was using a signing key not in the debian
>> keyring. If you are doing the same, please stop.

> You do not handle signing subkeys?

What makes you think that?  Any key that is used needs to be
 in the debian keyring, is all.

manoj
-- 
Lead a life of righteousness, and not a life of wrong-doing. He who
follows righteousness lives happily in this world and the next. 169
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Henrique de Moraes Holschuh
On Wed, 28 Mar 2007, Manoj Srivastava wrote:
> The issue there was using a signing key not in the debian
>  keyring. If you are doing the same, please stop.

You do not handle signing subkeys?  That would mean one has to add that
dreaded "!" to the keyid, so as to make gpg not use any subkeys.

Or did I misunderstand?

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 15:16:15 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Wed, 28 Mar 2007, Manoj Srivastava wrote:
>>> 1) fix software that interprets incoming mails
>> 
>> There is nothing wrong with the software that interprets incoming
>> mails; the mails that fail actually fail cryptographic checks since
>> they have been masssaged by the MUA/MTA afterwards, because the MUA
>> did not do the encoding _before_ signing the body.
>> 
>>> 2) issue an alternate ballot where 'ë' in Raphaël is simplified as
>>> 'e' (and we agree that this is the same person as Raphaël)
>> 
>> Which would mean that anyone sending in the current official ballot
>> would get their vote rejected, since the integrity checks will
>> fail.  I am not a proponent of hacking away at unrelated software
>> to ameliorate bugs in other software; the problems here seem to be
>> using bad MUA software that can't, in this day and age, handle
>> signed mail using accented chanracters.
>> 
>>> 3) do not accept DPLs with non-ASCI names. ;-))
>> 
>> Sure, if you think that is better than fixing broken MUAs.

> I guess you missed the double smiley.

Well, no. I think it is funny that one should consider
 eliminating us pesky people with funny names, and stick to time
 honored plain ascii MUAs.

> OK, if you do not accept my suggestions, what about

>4) Write a rock safe HowTo that enables DDs who are comfortable
>   using of broken MUAs in their day to day live to vote.

While this is not an itch I feel like scratrching, this might
 be a good idea for those that do want to write something up.

manoj
-- 
I never pray before meals -- my mom's a good cook.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Romain Beauxis
Le mercredi 28 mars 2007 15:16, Andreas Tille a écrit :
> I'm obviousely hit by two broken MUAs (pine, mailx) and not
> willing to spend more then 10 minutes just to send my vote.

Plus kmail I think.


Romain



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 14:57:46 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Wed, 28 Mar 2007, Manoj Srivastava wrote:
>> My suggestion is to stop using mailcrypt, it is ancient, and hoary;
>> pgg and easypg work a lot better.
>> 
>> This is a case of non-functional MUA software.

> Well, I have to admit that I do not want more or less than voting
> this time as I did in former times.  Instead my initial mail seems
> to cause a technical discussion about ways that work / may work /
> should work and ancient / non-functional / better working software.
> Please, I just want to give my vote and concentrate on the rankings
> I want to give and not learn about tools to submit my vote.

That would be fine, if you were not asking for other people to
 put in work to work around the flaws in the tools you are using -- or
 not use their names as they should be written.

I think your options are to send in an ascii armored encrypted
 ballot, or use mutt or gnus to send a proper  PGP/MIME signed
 ballot. Either should work.


मनोज श्रिवास्तव

-- 
Check me if I'm wrong, Sandy, but if I kill all the golfers... they're
gonna lock me up and throw away the key!
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Andreas Tille

On Wed, 28 Mar 2007, Manoj Srivastava wrote:


   Well, in either case, something intervened along the way (some
MTA) and protected the accented char after you had sent the mail.

   The solution is to use a MYA that does properly do PGP/MIME --
or send in an encrypted ballot, which is base64 encoded, I think, and
should not trigger ther helpful MTA enroute.


Yould you be so kind and turn these advises into lines of example code
like Lars did - just in case my vote will be rejected again?

Kind regards

Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Greg Folkert
On Wed, 2007-03-28 at 15:16 +0200, Andreas Tille wrote:
> On Wed, 28 Mar 2007, Manoj Srivastava wrote:
> 
> >>   1) fix software that interprets incoming mails
> >
> >There is nothing wrong with the software that interprets
> > incoming mails; the mails that fail actually fail cryptographic
> > checks since they have been masssaged by the MUA/MTA afterwards,
> > because the MUA did not do the encoding _before_ signing the body.
> >
> >>   2) issue an alternate ballot where 'ë' in Raphaël is simplified as
> >>  'e' (and we agree that this is the same person as Raphaël)
> >
> >Which would mean that anyone sending in the current official
> > ballot would get their vote rejected, since the integrity checks will
> > fail.  I am not a proponent of hacking away at unrelated software to
> > ameliorate bugs in other software; the problems here seem to be using
> > bad MUA software that can't, in this day and age, handle signed mail
> > using accented chanracters.
> >
> >>   3) do not accept DPLs with non-ASCI names. ;-))
> >
> >Sure, if you think that is better than fixing broken MUAs.
> 
> I guess you missed the double smiley.
> 
> OK, if you do not accept my suggestions, what about
> 
> 4) Write a rock safe HowTo that enables DDs who are comfortable
>using of broken MUAs in their day to day live to vote.
> 
> I'm obviousely hit by two broken MUAs (pine, mailx) and not
> willing to spend more then 10 minutes just to send my vote.

Do what Lars did:

>From memory (my shell history isn't long enough), here's what I did:

1. Copy ballot to text file (vote.txt).
2. Edit it for my voting preference.
3. Sign with gpg: gpg --clearsign vote.txt
4. Send: mail -s vote < vote.txt.asc [EMAIL PROTECTED]

I work in a UTF-8 environment, in case that matters.

-end Lars suggestion

-- 
greg, [EMAIL PROTECTED]

Novell's Directory Services is a competitive product to Microsoft's
Active Directory in much the same way that the Saturn V is a competitive
product to those dinky little model rockets that kids light off down at
the playfield. -- Thane Walkup



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Andreas Tille

On Wed, 28 Mar 2007, Lars Wirzenius wrote:



1. Copy ballot to text file (vote.txt).
2. Edit it for my voting preference.
3. Sign with gpg: gpg --clearsign vote.txt
4. Send: mail -s vote < vote.txt.asc [EMAIL PROTECTED]

I work in a UTF-8 environment, in case that matters.


It might matter, so I added a

 0. export LANG=de_DE.UTF-8

before your steps which differ between what I did by the missing
'--armor' what I added "to be safe".  Now I'm really keen on the
response ...

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Andreas Tille

On Wed, 28 Mar 2007, Manoj Srivastava wrote:


  1) fix software that interprets incoming mails


   There is nothing wrong with the software that interprets
incoming mails; the mails that fail actually fail cryptographic
checks since they have been masssaged by the MUA/MTA afterwards,
because the MUA did not do the encoding _before_ signing the body.


  2) issue an alternate ballot where 'ë' in Raphaël is simplified as
 'e' (and we agree that this is the same person as Raphaël)


   Which would mean that anyone sending in the current official
ballot would get their vote rejected, since the integrity checks will
fail.  I am not a proponent of hacking away at unrelated software to
ameliorate bugs in other software; the problems here seem to be using
bad MUA software that can't, in this day and age, handle signed mail
using accented chanracters.


  3) do not accept DPLs with non-ASCI names. ;-))


   Sure, if you think that is better than fixing broken MUAs.


I guess you missed the double smiley.

OK, if you do not accept my suggestions, what about

   4) Write a rock safe HowTo that enables DDs who are comfortable
  using of broken MUAs in their day to day live to vote.

I'm obviousely hit by two broken MUAs (pine, mailx) and not
willing to spend more then 10 minutes just to send my vote.

Kind regards

 Andreas.

--
http://fam-tille.de


Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Lars Wirzenius
On ke, 2007-03-28 at 14:57 +0200, Andreas Tille wrote:
> just want to give my vote and concentrate on the rankings I want to give
> and not learn about tools to submit my vote.

>From memory (my shell history isn't long enough), here's what I did:

1. Copy ballot to text file (vote.txt).
2. Edit it for my voting preference.
3. Sign with gpg: gpg --clearsign vote.txt
4. Send: mail -s vote < vote.txt.asc [EMAIL PROTECTED]

I work in a UTF-8 environment, in case that matters.

-- 
Never underestimate the power of a small tactical Lisp interpreter.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 08:05:27 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Wed, 28 Mar 2007, Bart Martens wrote:
>> On Wed, 2007-03-28 at 07:43 +0200, Andreas Tille wrote:
>>> The relation between Rejects and Voters is currently the highest
>>> we ever had.  I'm just asking whether we need some technical
>>> improvement here because I personally add a count of three to the
>>> rejects and have no idea how to vote successfully.
>> 
>> I had problems with encrypted voting.  Unencrypted voting worked
>> for me.

> I tried signed mails with pine (ups, sorry, I know it's non-free)
> and after this I sended (according to Manoj's hint) mails using
> mailx one time with --sign --armor and one tim ewith --clearsign
> --armor which failed both.  I never sended encrypted votings.

Well, in either case, something intervened along the way (some
 MTA) and protected the accented char after you had sent the mail.

The solution is to use a MYA that does properly do PGP/MIME --
 or send in an encrypted ballot, which is base64 encoded, I think, and
 should not trigger ther helpful MTA enroute.

manoj
-- 
"Mind if I smoke?" "Yes, I'd like to see that, does it come out of
your ears or what?"
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Andreas Tille

On Wed, 28 Mar 2007, Manoj Srivastava wrote:


   My suggestion is to stop using mailcrypt, it is ancient, and
hoary; pgg and easypg work a lot better.

   This is a case of non-functional MUA software.


Well, I have to admit that I do not want more or less than voting this
time as I did in former times.  Instead my initial mail seems to cause
a technical discussion about ways that work / may work / should work
and ancient / non-functional / better working software.  Please, I
just want to give my vote and concentrate on the rankings I want to give
and not learn about tools to submit my vote.

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 09:31:10 +0200, Michal Čihař <[EMAIL PROTECTED]> said: 

> Hi On Wed, 28 Mar 2007 07:56:23 +0200
> Bart Martens <[EMAIL PROTECTED]> wrote:

>> On Wed, 2007-03-28 at 07:43 +0200, Andreas Tille wrote:
>> > The relation between Rejects and Voters is currently the highest
>> > we ever had.  I'm just asking whether we need some technical
>> > improvement here because I personally add a count of three to the
>> > rejects and have no idea how to vote successfully.
>> 
>> I had problems with encrypted voting.  Unencrypted voting worked
>> for me.

> Same here, tried encrypted first, it failed (see bellow), then
> unencrypted and it worked fine.

>  The folowing errors were reported:
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> There was a problem verifying the signature on the ballot.  GPG did
> not return a fingerprint or key id
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> gpg: WARNING: unsafe permissions on homedir
> `/org/vote.debian.org/data/leader2007' gpg: encrypted with 2048-bit
> ELG-E key, ID 05C78623, created 2004-01-10 gpg: encrypted with
> 2048-bit ELG-E key, ID 43C42E9B, created 2007-03-09 [GNUPG:] ENC_TO
> E1427DEB43C42E9B 16 0[GNUPG:] USERID_HINT E1427DEB43C42E9B DPL Vote
> 2007 (Ephemeral Key) <[EMAIL PROTECTED]>[GNUPG:]
> NEED_PASSPHRASE E1427DEB43C42E9B 7C9FC748EBF31170 16 0[GNUPG:]
> GOOD_PASSPHRASE[GNUPG:] ENC_TO 6EFA5AE205C78623 16 0[GNUPG:]
> NO_SECKEY 6EFA5AE205C78623[GNUPG:] BEGIN_DECRYPTION[GNUPG:]
> PLAINTEXT 62 1174979122 [GNUPG:] DECRYPTION_OKAY[GNUPG:]
> GOODMDC[GNUPG:]
> END_DECRYPTION-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

This seems to indicate that the key was not in the keyring.
> 2048-bit ELG-E key, ID 43C42E9B, created 2007-03-09

__> gpg --homedir=.  --keyring debian-keyring.gpg --keyring debian-keyring.pgp 
--with-colons --list-keys 0x05C78623
tru::1:1173480793:0:3:1:5
pub:-:1024:17:DC3552E836E75604:2004-01-10:::-:Michal �x8ciha�x99 <[EMAIL 
PROTECTED]>::scESC:
uid:-2004-01-10::F480D937920614DA2771B2AC795928D40377D5D6::Michal 
�x8ciha�x99 <[EMAIL PROTECTED]>:
uid:-2005-06-24::116BDA5CF8D36EE8B1292D3E92D36255A5FB6B84::Michal 
�x8ciha�x99 <[EMAIL PROTECTED]>:
uid:r::D1EC97D564177B3B1353C10890FC7E2587E036F3::Michal �x8ciha�x99 <[EMAIL 
PROTECTED]>:
uid:-2005-06-24::6688FC339BECDD0C786D57C010DAD2CA2556D79A::Michal 
�x8ciha�x99 <[EMAIL PROTECTED]>:
uid:-2004-01-17::D8B33E3CA038B007EDF62CD1A62B21074C7A989A::Michal 
�x8ciha�x99 <[EMAIL PROTECTED]>:
uid:-2007-03-14::CA412CA1B1E145B6CE7FABC55F4AC57FD8E6190F::Michal 
�x8ciha�x99 <[EMAIL PROTECTED]>:
sub:-:2048:16:6EFA5AE205C78623:2004-01-10::e:


See? Don't sign with a key that is not in the debian keyring
 yet.

Again, not a devotee problem.

manoj
-- 
You don't become a failure until you're satisfied with being one.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 09:31:10 +0200 (CEST), Andreas Tille <[EMAIL PROTECTED]> 
said: 

> On Tue, 27 Mar 2007, Ben Pfaff wrote:
>> However, this is the only ballot I recall containing non-ASCII
>> characters, which could be the cause.

> Ahhh, this is a typical cause of problems.  So we have three
> chances:

>   1) fix software that interprets incoming mails

There is nothing wrong with the software that interprets
 incoming mails; the mails that fail actually fail cryptographic
 checks since they have been masssaged by the MUA/MTA afterwards,
 because the MUA did not do the encoding _before_ signing the body.

>   2) issue an alternate ballot where 'ë' in Raphaël is simplified as
>  'e' (and we agree that this is the same person as Raphaël)

Which would mean that anyone sending in the current official
 ballot would get their vote rejected, since the integrity checks will
 fail.  I am not a proponent of hacking away at unrelated software to
 ameliorate bugs in other software; the problems here seem to be using
 bad MUA software that can't, in this day and age, handle signed mail
 using accented chanracters.

>   3) do not accept DPLs with non-ASCI names. ;-))

Sure, if you think that is better than fixing broken MUAs.

> Probably 2 is the esiest to implement solution for the moment
> without discriminating anybody.

No, that discriminates against people who have working MUA
 software and use the current ballot, which has been posted often
 enough, and has been available from [EMAIL PROTECTED]


Changing a ballot mid stream is not a good idea.

manoj
-- 
Oppernockity tunes but once.
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Manoj Srivastava
On Wed, 28 Mar 2007 12:12:55 +0200, Romain Beauxis <[EMAIL PROTECTED]> said: 

> Le mercredi 28 mars 2007 09:31, Michal Čihař a écrit :
>> Same here, tried encrypted first, it failed (see bellow), then
>> unencrypted and it worked fine.

> Precisly the same issue here.

The issue there was using a signing key not in the debian
 keyring. If you are doing the same, please stop.

> It has been reported to work on mutt, and it failed here with kmail.
> Is the crypt+sign mail format standard ?

Yup. MIME type application/pgp-encrypted is how it is done.

manoj
-- 
All the really good ideas I ever had came to me while I was milking a
cow. Grant Wood
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Manoj Srivastava
On Tue, 27 Mar 2007 23:27:59 -0700, Ben Pfaff <[EMAIL PROTECTED]> said: 

> Andreas Tille <[EMAIL PROTECTED]> writes:
>> The relation between Rejects and Voters is currently the highest we
>> ever had.  I'm just asking whether we need some technical
>> improvement here because I personally add a count of three to the
>> rejects and have no idea how to vote successfully.

> With Gnus+Mailcrypt, I was unable to vote with a signed but not
> encrypted ballot.  The voting daemon claimed that there was some
> kind of quoted-printable problem.  This surprised me: Gnus and
> Mailcrypt have not caused problems for me with any previous votes.
> However, this is the only ballot I recall containing non-ASCII
> characters, which could be the cause.

> So then I sent in a signed and encrypted ballot.  This caused the
> whole ballot to be base64-encoded.  Presumably this sidestepped the
> quoted-printable problem, because it was accepted.  -- Ben Pfaff
> http://benpfaff.org

mailcrypt does not produce PGP/MIME mails, it signs and ascii
 armors a file, which is included as body of the message, and passed
 to Gnus.  Gnus then notices there are non-ascii characters, and
 proceeds to protect them; which violates the integrity of the mail.

My suggestion is to stop using mailcrypt, it is ancient, and
 hoary; pgg and easypg work a lot better.

This is a case of non-functional MUA software.

manoj
-- 
Unix is a Registered Bell of AT&T Trademark Laboratories. Donn Seeley
Manoj Srivastava <[EMAIL PROTECTED]> 
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Roberto C . Sánchez
On Wed, Mar 28, 2007 at 12:12:55PM +0200, Romain Beauxis wrote:
> Le mercredi 28 mars 2007 09:31, Michal ??iha?? a écrit :
> > Same here, tried encrypted first, it failed (see bellow), then
> > unencrypted and it worked fine.
> 
> Precisly the same issue here.
> It has been reported to work on mutt, and it failed here with kmail.
> Is the crypt+sign mail format standard ?
> 
The last vote (on the package upload rules) worked for me sending
encrypted from mutt.

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com


signature.asc
Description: Digital signature


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-28 Thread Romain Beauxis
Le mercredi 28 mars 2007 09:31, Michal Čihař a écrit :
> Same here, tried encrypted first, it failed (see bellow), then
> unencrypted and it worked fine.

Precisly the same issue here.
It has been reported to work on mutt, and it failed here with kmail.
Is the crypt+sign mail format standard ?


Romain



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Raphael Hertzog
On Wed, 28 Mar 2007, Andreas Tille wrote:
>   2) issue an alternate ballot where 'ë' in Raphaël is
>  simplified as 'e' (and we agree that this is the same
>  person as Raphaël)

For the record, I already authorized Manoj to do that. In fact, I don't
even recall how the accent got integrated in the LDAP database as I always
used my name without accent everywhere (in particular in my GPG key and in
my From: headers) at the time I joined the project.

Cheers,
-- 
Raphaël Hertzog

Premier livre français sur Debian GNU/Linux :
http://www.ouaza.com/livre/admin-debian/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-28 Thread Kalle Kivimaa
Simon Josefsson <[EMAIL PROTECTED]> writes:
> Mailcrypt doesn't, as far as I know, support PGP/MIME (RFC 3156).
> PGP/MIME is the only standards-conforming way to do OpenPGP signatures
> containing non-ASCII text.  Check your e-mail if it contains a
> top-level Content-Type of multipart/signed.  If it doesn't, you used
> the vanilla inline OpenPGP type.

Yes, I know that. When I last tried to vote using PGP/MIME, devotee
didn't like that either, so as I was able to get devotee to like my
ASCII inline signed ballot, I didn't dig deeper into the problem with
PGP/MIME and Gnus and XEmacs.

-- 
* Sufficiently advanced magic is indistinguishable from technology (T.P)  *
*   PGP public key available @ http://www.iki.fi/killer   *


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Simon Josefsson
Kalle Kivimaa <[EMAIL PROTECTED]> writes:

> Ben Pfaff <[EMAIL PROTECTED]> writes:
>> With Gnus+Mailcrypt, I was unable to vote with a signed but not
>> encrypted ballot.  The voting daemon claimed that there was some
>> kind of quoted-printable problem.  This surprised me: Gnus and
>> Mailcrypt have not caused problems for me with any previous
>> votes.  However, this is the only ballot I recall containing
>> non-ASCII characters, which could be the cause.
>
> As I used to have all my outgoing emails default to ISO 8859-1 charset
> I was unable to vote with Gnus+Mailcrypt until I changed the default
> to be ASCII. So, as I now had that same problem again, I'm guessing
> the problem is with Raphaël's non-ASCII e+umlaut, which makes Gnus use
> quoted-printable, which then isn't valid as seen by devotee (I'm
> guessing that Gnus encodes the signed mail and devotee wants to
> verify before decoding).

Mailcrypt doesn't, as far as I know, support PGP/MIME (RFC 3156).
PGP/MIME is the only standards-conforming way to do OpenPGP signatures
containing non-ASCII text.  Check your e-mail if it contains a
top-level Content-Type of multipart/signed.  If it doesn't, you used
the vanilla inline OpenPGP type.

Btw, an old rant on this topic:

http://josefsson.org/inline-openpgp-considered-harmful.html

In recent Gnus versions, PGP/MIME is supported natively.

/Simon


pgpK4zsLea2xq.pgp
Description: PGP signature


Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Kalle Kivimaa
Ben Pfaff <[EMAIL PROTECTED]> writes:
> With Gnus+Mailcrypt, I was unable to vote with a signed but not
> encrypted ballot.  The voting daemon claimed that there was some
> kind of quoted-printable problem.  This surprised me: Gnus and
> Mailcrypt have not caused problems for me with any previous
> votes.  However, this is the only ballot I recall containing
> non-ASCII characters, which could be the cause.

As I used to have all my outgoing emails default to ISO 8859-1 charset
I was unable to vote with Gnus+Mailcrypt until I changed the default
to be ASCII. So, as I now had that same problem again, I'm guessing
the problem is with Raphaël's non-ASCII e+umlaut, which makes Gnus use
quoted-printable, which then isn't valid as seen by devotee (I'm
guessing that Gnus encodes the signed mail and devotee wants to
verify before decoding).

> So then I sent in a signed and encrypted ballot.  This caused the
> whole ballot to be base64-encoded.  Presumably this sidestepped
> the quoted-printable problem, because it was accepted.

Thanks for the tip, need to use this. Didn't think of it myself.

-- 
* Sufficiently advanced magic is indistinguishable from technology (T.P)  *
*   PGP public key available @ http://www.iki.fi/killer   *


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Andreas Tille

On Tue, 27 Mar 2007, Ben Pfaff wrote:


However, this is the only ballot I recall containing
non-ASCII characters, which could be the cause.


Ahhh, this is a typical cause of problems.  So we have three chances:

  1) fix software that interprets incoming mails
  2) issue an alternate ballot where 'ë' in Raphaël is
 simplified as 'e' (and we agree that this is the same
 person as Raphaël)
  3) do not accept DPLs with non-ASCI names. ;-))

Probably 2 is the esiest to implement solution for the moment
without discriminating anybody.

Kind regards

Andreas.

--
http://fam-tille.de


Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-27 Thread Michal Čihař
Hi

On Wed, 28 Mar 2007 07:56:23 +0200
Bart Martens <[EMAIL PROTECTED]> wrote:

> On Wed, 2007-03-28 at 07:43 +0200, Andreas Tille wrote:
> > The relation between Rejects and Voters is currently the highest we
> > ever had.  I'm just asking whether we need some technical improvement
> > here because I personally add a count of three to the rejects and
> > have no idea how to vote successfully.
> 
> I had problems with encrypted voting.  Unencrypted voting worked for me.

Same here, tried encrypted first, it failed (see bellow), then
unencrypted and it worked fine.


 The folowing errors were reported:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
There was a problem verifying the signature on the ballot.
GPG did not return a fingerprint or key id
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
gpg: WARNING: unsafe permissions on homedir
`/org/vote.debian.org/data/leader2007' gpg: encrypted with 2048-bit
ELG-E key, ID 05C78623, created 2004-01-10 gpg: encrypted with 2048-bit
ELG-E key, ID 43C42E9B, created 2007-03-09 [GNUPG:] ENC_TO
E1427DEB43C42E9B 16 0[GNUPG:] USERID_HINT E1427DEB43C42E9B DPL Vote
2007 (Ephemeral Key) <[EMAIL PROTECTED]>[GNUPG:]
NEED_PASSPHRASE E1427DEB43C42E9B 7C9FC748EBF31170 16 0[GNUPG:]
GOOD_PASSPHRASE[GNUPG:] ENC_TO 6EFA5AE205C78623 16 0[GNUPG:] NO_SECKEY
6EFA5AE205C78623[GNUPG:] BEGIN_DECRYPTION[GNUPG:] PLAINTEXT 62
1174979122 [GNUPG:] DECRYPTION_OKAY[GNUPG:] GOODMDC[GNUPG:]
END_DECRYPTION-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature


Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Ben Pfaff
Andreas Tille <[EMAIL PROTECTED]> writes:

> The relation between Rejects and Voters is currently the highest we
> ever had.  I'm just asking whether we need some technical improvement
> here because I personally add a count of three to the rejects and
> have no idea how to vote successfully.

With Gnus+Mailcrypt, I was unable to vote with a signed but not
encrypted ballot.  The voting daemon claimed that there was some
kind of quoted-printable problem.  This surprised me: Gnus and
Mailcrypt have not caused problems for me with any previous
votes.  However, this is the only ballot I recall containing
non-ASCII characters, which could be the cause.

So then I sent in a signed and encrypted ballot.  This caused the
whole ballot to be base64-encoded.  Presumably this sidestepped
the quoted-printable problem, because it was accepted.
-- 
Ben Pfaff 
http://benpfaff.org


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-27 Thread Andreas Tille

On Wed, 28 Mar 2007, Bart Martens wrote:


On Wed, 2007-03-28 at 07:43 +0200, Andreas Tille wrote:

The relation between Rejects and Voters is currently the highest we
ever had.  I'm just asking whether we need some technical improvement
here because I personally add a count of three to the rejects and
have no idea how to vote successfully.


I had problems with encrypted voting.  Unencrypted voting worked for me.


I tried signed mails with pine (ups, sorry, I know it's non-free) and
after this I sended (according to Manoj's hint) mails using mailx one
time with --sign --armor and one tim ewith --clearsign --armor which
failed both.  I never sended encrypted votings.

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



many rejects (Re: Second call for votes for the debian project leader election 2007)

2007-03-27 Thread Bart Martens
On Wed, 2007-03-28 at 07:43 +0200, Andreas Tille wrote:
> The relation between Rejects and Voters is currently the highest we
> ever had.  I'm just asking whether we need some technical improvement
> here because I personally add a count of three to the rejects and
> have no idea how to vote successfully.

I had problems with encrypted voting.  Unencrypted voting worked for me.




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Andreas Tille

On Tue, 27 Mar 2007, Debian Project Secretary wrote:


===
|||Total # of|  |Valid|Unique|Rejects|| Multiple ||
||Year|Developers|Quorum|Votes|Voters|   |% Voting| of Quorum||
---
||2002|  939 | 45.96| 238 | 227  | 40| 24.17  | 4.94 ||
||2003|  831 | 43.24| 200 | 192  | 58| 23.1   | 4.44 ||
||2004|  908 | 45.20| 315 | 230  | 15| 25.33  | 5.09 ||
||2005|  960 | 46.48| 199 | 189  | 19| 19.68  | 4.07 ||
||2006|  972 | 46.81| 129 | 125  | 14| 12.86  | 2.67 ||
||2007| 1037 | 48.30| 135 | 131  | 54| 12.62  | 2.71 ||
===


The relation between Rejects and Voters is currently the highest we
ever had.  I'm just asking whether we need some technical improvement
here because I personally add a count of three to the rejects and
have no idea how to vote successfully.

Kind regards

 Andreas.

--
http://fam-tille.de


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Second call for votes for the debian project leader election 2007

2007-03-27 Thread Roland Marcus Rutschmann
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> e0acebd2-71f1-4df8-ae4d-50355ad7aa81
> [  2 ] Choice 1: Wouter Verhelst
> [ 9 ] Choice 2: Aigars Mahinovs
> [ 6 ] Choice 3: Gustavo Franco
> [  3 ] Choice 4: Sam Hocevar
> [  3 ] Choice 5: Steve McIntyre
> [  1 ] Choice 6: Raphaël Hertzog
> [  4 ] Choice 7: Anthony Towns
> [  7 ] Choice 8: Simon Richter
> [  8 ] Choice 9: None Of The Above
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
>

-- 
--
 <[EMAIL PROTECTED]>
--



pgpxwsvVfKWaw.pgp
Description: PGP signature