Re: Cryptoswap -- was Re: raw disk access
Hi! * Martin Hermanowski <[EMAIL PROTECTED]> [20030116 01:18]: > On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: > > > "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > > Andreas> patch-int is all of the above combined, for (optional) > > Andreas> compilation into the kernel. > > > > That would have been my guess too. > > > > BTW, I've also grepped through the cryptoapi and cryptoloop sources, and > > they seem to be only allocating memory at initialization and in the > > digest functions too (which would be expected). Yay! I guess I'll be > > setting up encrypted swap soon! :-) (sure - patch-int is cryptoapi+cryptoloop+ipsec_tunnel - see http://www.kerneli.org/about/) > Is it possible to use swsusp and crypto-swap? I'ld say no, because there > is no way for the kernel to get the key before swsusp resumes. d'accord. > It there any other way to do this? unless you use nvram or an external (cryptographic) token - no (storing it on harddisk would be ridiculously stupid) .. I know of no current implementation, but this could be done using e.g. Java iButtons, SmartCards (e.g. Schlumberger Cryptoflex), USB Tokens and the like. You'd want to authenticate against the USB Token on resume, thou. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. pgp33I7l32ZAV.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: > > "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > > [...] > > Andreas> here's how I understand it: > > [...] > > Andreas> patch-int is all of the above combined, for (optional) > Andreas> compilation into the kernel. > > That would have been my guess too. > > BTW, I've also grepped through the cryptoapi and cryptoloop sources, and > they seem to be only allocating memory at initialization and in the > digest functions too (which would be expected). Yay! I guess I'll be > setting up encrypted swap soon! :-) Is it possible to use swsusp and crypto-swap? I'ld say no, because there is no way for the kernel to get the key before swsusp resumes. It there any other way to do this? Regards, Martin pgpluKYMtpl44.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> here's how I understand it: [...] Andreas> patch-int is all of the above combined, for (optional) Andreas> compilation into the kernel. That would have been my guess too. BTW, I've also grepped through the cryptoapi and cryptoloop sources, and they seem to be only allocating memory at initialization and in the digest functions too (which would be expected). Yay! I guess I'll be setting up encrypted swap soon! :-) Thanks -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. pgpGpm04yDGiS.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 22:55]: > >>>>> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > Andreas> have a look at the sourcecode in e.g. > Andreas> > http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 > > Thanks. I'll take a look at that. If you don't mind clarifying > something for me, what is the relationship between patch-int, and > cryptoapi and cryptoloop? here's how I understand it: the cryptoapi is the crypto infrastructure for the kernel, including some ciphers .. this code can be used by other stuff, for example cryptoloop (the loopback crypto device implementation) or ipsec_tunnel. all of this can be compiled as a module, and loaded into (almost) any kernel. patch-int is all of the above combined, for (optional) compilation into the kernel. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. pgplFh24JFeFU.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
Hi! * Martin Hermanowski <[EMAIL PROTECTED]> [20030116 01:18]: > On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: > > > "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > > Andreas> patch-int is all of the above combined, for (optional) > > Andreas> compilation into the kernel. > > > > That would have been my guess too. > > > > BTW, I've also grepped through the cryptoapi and cryptoloop sources, and > > they seem to be only allocating memory at initialization and in the > > digest functions too (which would be expected). Yay! I guess I'll be > > setting up encrypted swap soon! :-) (sure - patch-int is cryptoapi+cryptoloop+ipsec_tunnel - see http://www.kerneli.org/about/) > Is it possible to use swsusp and crypto-swap? I'ld say no, because there > is no way for the kernel to get the key before swsusp resumes. d'accord. > It there any other way to do this? unless you use nvram or an external (cryptographic) token - no (storing it on harddisk would be ridiculously stupid) .. I know of no current implementation, but this could be done using e.g. Java iButtons, SmartCards (e.g. Schlumberger Cryptoflex), USB Tokens and the like. You'd want to authenticate against the USB Token on resume, thou. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. msg08437/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: > > "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > > [...] > > Andreas> here's how I understand it: > > [...] > > Andreas> patch-int is all of the above combined, for (optional) > Andreas> compilation into the kernel. > > That would have been my guess too. > > BTW, I've also grepped through the cryptoapi and cryptoloop sources, and > they seem to be only allocating memory at initialization and in the > digest functions too (which would be expected). Yay! I guess I'll be > setting up encrypted swap soon! :-) Is it possible to use swsusp and crypto-swap? I'ld say no, because there is no way for the kernel to get the key before swsusp resumes. It there any other way to do this? Regards, Martin msg08436/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> have a look at the sourcecode in e.g. Andreas> http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 Thanks. I'll take a look at that. If you don't mind clarifying something for me, what is the relationship between patch-int, and cryptoapi and cryptoloop? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. pgpVMOhtghSjg.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> here's how I understand it: [...] Andreas> patch-int is all of the above combined, for (optional) Andreas> compilation into the kernel. That would have been my guess too. BTW, I've also grepped through the cryptoapi and cryptoloop sources, and they seem to be only allocating memory at initialization and in the digest functions too (which would be expected). Yay! I guess I'll be setting up encrypted swap soon! :-) Thanks -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. msg08435/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 21:33]: > >>>>> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > Andreas> FUD alert! I like loop-AES, too, and would REALLY love general > Andreas> inclusion into Debian kernels, but this doesn't mean the > Andreas> authors of alternatives are/may be idiots. > > Andreas> Please don't spread Fear, Uncertainty and Doubt without > Andreas> referring to facts you're sure of. Leave that to Mickeysoft ;) > > I wasn't trying to spread FUD. See how my first sentence was a > question, and my use of "I couldn't find [information]" and "I don't > think", all of which are asking for more clarification. [..] > If you can point me to an official statement, please let me know. > Things to the effect of "it works for me" don't count, since the issue > doesn't seem to be terribly likely to occur. Since you have asked me > not to spread FUD without referring to facts, I would ask that you > return the same courtesy and not call someone on spreading FUD without > referring to facts. have a look at the sourcecode in e.g. http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 .. the only places where memory allocation occurs at all is during initialization and when using a digest. for a read or write access memory pointers are set up and are passed to the function implementing the cipher algorithm. none of these do any memory allocation at all, but work on existing memory. no need to find a statment saying `the code does what the code says`. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. pgpNMVLOz1Tly.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 22:55]: > >>>>> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > Andreas> have a look at the sourcecode in e.g. > Andreas> >http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 > > Thanks. I'll take a look at that. If you don't mind clarifying > something for me, what is the relationship between patch-int, and > cryptoapi and cryptoloop? here's how I understand it: the cryptoapi is the crypto infrastructure for the kernel, including some ciphers .. this code can be used by other stuff, for example cryptoloop (the loopback crypto device implementation) or ipsec_tunnel. all of this can be compiled as a module, and loaded into (almost) any kernel. patch-int is all of the above combined, for (optional) compilation into the kernel. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. msg08434/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> FUD alert! I like loop-AES, too, and would REALLY love general Andreas> inclusion into Debian kernels, but this doesn't mean the Andreas> authors of alternatives are/may be idiots. Andreas> Please don't spread Fear, Uncertainty and Doubt without Andreas> referring to facts you're sure of. Leave that to Mickeysoft ;) I wasn't trying to spread FUD. See how my first sentence was a question, and my use of "I couldn't find [information]" and "I don't think", all of which are asking for more clarification. All I know is that when Jari first announced that loop-AES officially supports swap encryption, and detailed what the issues involved were, he mentioned that cryptoapi did not, at that time, handle things properly. Recently, I searched the kerneli.org page, and did a Google search, and could find nothing resembling an official statement, or even an implication from an official source, that cryptoapi/cryptoloop supports swap encryption. Glancing through the changelogs, I did not find anything that suggested that cryptoapi/cryptoloop supports encrypted swap. The author(s) of cryptoapi were aware of Jari's announcement and, to my knowledge, didn't try to refute anything. You can find all the details on the linux-crypto list (do a Google search for it, and I think it's even linked from the kerneli page), around August 2001. A google search for "encrypted swap" actually brings Jari's announcement as the first result. (Looking back, I see that there are actually a few relevant posts by Jari, in August/September 2001. If you can point me to an official statement, please let me know. Things to the effect of "it works for me" don't count, since the issue doesn't seem to be terribly likely to occur. Since you have asked me not to spread FUD without referring to facts, I would ask that you return the same courtesy and not call someone on spreading FUD without referring to facts. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. pgpAKPIbOjdc0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> have a look at the sourcecode in e.g. Andreas> http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 Thanks. I'll take a look at that. If you don't mind clarifying something for me, what is the relationship between patch-int, and cryptoapi and cryptoloop? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. msg08433/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 21:33]: > >>>>> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: > Andreas> FUD alert! I like loop-AES, too, and would REALLY love general > Andreas> inclusion into Debian kernels, but this doesn't mean the > Andreas> authors of alternatives are/may be idiots. > > Andreas> Please don't spread Fear, Uncertainty and Doubt without > Andreas> referring to facts you're sure of. Leave that to Mickeysoft ;) > > I wasn't trying to spread FUD. See how my first sentence was a > question, and my use of "I couldn't find [information]" and "I don't > think", all of which are asking for more clarification. [..] > If you can point me to an official statement, please let me know. > Things to the effect of "it works for me" don't count, since the issue > doesn't seem to be terribly likely to occur. Since you have asked me > not to spread FUD without referring to facts, I would ask that you > return the same courtesy and not call someone on spreading FUD without > referring to facts. have a look at the sourcecode in e.g. http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 .. the only places where memory allocation occurs at all is during initialization and when using a digest. for a read or write access memory pointers are set up and are passed to the function implementing the cipher algorithm. none of these do any memory allocation at all, but work on existing memory. no need to find a statment saying `the code does what the code says`. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. msg08432/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
> "Andreas" == Andreas Kotes <[EMAIL PROTECTED]> writes: [...] Andreas> FUD alert! I like loop-AES, too, and would REALLY love general Andreas> inclusion into Debian kernels, but this doesn't mean the Andreas> authors of alternatives are/may be idiots. Andreas> Please don't spread Fear, Uncertainty and Doubt without Andreas> referring to facts you're sure of. Leave that to Mickeysoft ;) I wasn't trying to spread FUD. See how my first sentence was a question, and my use of "I couldn't find [information]" and "I don't think", all of which are asking for more clarification. All I know is that when Jari first announced that loop-AES officially supports swap encryption, and detailed what the issues involved were, he mentioned that cryptoapi did not, at that time, handle things properly. Recently, I searched the kerneli.org page, and did a Google search, and could find nothing resembling an official statement, or even an implication from an official source, that cryptoapi/cryptoloop supports swap encryption. Glancing through the changelogs, I did not find anything that suggested that cryptoapi/cryptoloop supports encrypted swap. The author(s) of cryptoapi were aware of Jari's announcement and, to my knowledge, didn't try to refute anything. You can find all the details on the linux-crypto list (do a Google search for it, and I think it's even linked from the kerneli page), around August 2001. A google search for "encrypted swap" actually brings Jari's announcement as the first result. (Looking back, I see that there are actually a few relevant posts by Jari, in August/September 2001. If you can point me to an official statement, please let me know. Things to the effect of "it works for me" don't count, since the issue doesn't seem to be terribly likely to occur. Since you have asked me not to spread FUD without referring to facts, I would ask that you return the same courtesy and not call someone on spreading FUD without referring to facts. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. msg08431/pgp0.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
* Quoting Hubert Chan ([EMAIL PROTECTED]): > Do the kerneli modules (officially) work with encrypted swap? I know It works for me. > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. You can use loop-jari with it. With loop-aes you're bound to one cipher. YMMV. - rk -- Ahahahahaha! Ahahahaha! Aahahaha! BEWARE! Yrs sincerely The Opera Ghost
Re: Cryptoswap -- was Re: raw disk access
On Tue, Jan 14, 2003 at 10:08:22PM -0500, Hubert Chan wrote: > > "Rolf" == Rolf Kutz <[EMAIL PROTECTED]> writes: > > Rolf> * Quoting Joshua SS Miller ([EMAIL PROTECTED]): > >> Cryptoswap? Hmm sound like something I was thinking about earlier > >> today. Do you have a good resource for this? > > Rolf> http://www.kerneli.org/index.php > > Do the kerneli modules (officially) work with encrypted swap? I know > loop-AES does, but I couldn't find anything about the kerneli > (cryptoapi/cryptoloop) modules. (For loop-AES, do a Google search for > it.) > > When encrypting swap, you need to make sure that you don't allocate new > memory. Otherwise, it may cause some swapping, which makes you do > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. Yes they do. I don't know if it's in the current release, but I wrote a sample rc script and notes on it which should be included in the package. I never build a machine without it.
Re: Cryptoswap -- was Re: raw disk access
* Quoting Hubert Chan ([EMAIL PROTECTED]): > Do the kerneli modules (officially) work with encrypted swap? I know It works for me. > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. You can use loop-jari with it. With loop-aes you're bound to one cipher. YMMV. - rk -- Ahahahahaha! Ahahahaha! Aahahaha! BEWARE! Yrs sincerely The Opera Ghost -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 04:20]: > >>>>> "Rolf" == Rolf Kutz <[EMAIL PROTECTED]> writes: > Rolf> * Quoting Joshua SS Miller ([EMAIL PROTECTED]): > >> Cryptoswap? Hmm sound like something I was thinking about earlier > >> today. Do you have a good resource for this? > > Rolf> http://www.kerneli.org/index.php > > Do the kerneli modules (officially) work with encrypted swap? I know > loop-AES does, but I couldn't find anything about the kerneli > (cryptoapi/cryptoloop) modules. (For loop-AES, do a Google search for > it.) > > When encrypting swap, you need to make sure that you don't allocate new > memory. Otherwise, it may cause some swapping, which makes you do > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. FUD alert! I like loop-AES, too, and would REALLY love general inclusion into Debian kernels, but this doesn't mean the authors of alternatives are/may be idiots. Please don't spread Fear, Uncertainty and Doubt without referring to facts you're sure of. Leave that to Mickeysoft ;) My EUR 0.02. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. pgpqXXiCyd3oO.pgp Description: PGP signature
Re: Cryptoswap -- was Re: raw disk access
On Tue, Jan 14, 2003 at 10:08:22PM -0500, Hubert Chan wrote: > > "Rolf" == Rolf Kutz <[EMAIL PROTECTED]> writes: > > Rolf> * Quoting Joshua SS Miller ([EMAIL PROTECTED]): > >> Cryptoswap? Hmm sound like something I was thinking about earlier > >> today. Do you have a good resource for this? > > Rolf> http://www.kerneli.org/index.php > > Do the kerneli modules (officially) work with encrypted swap? I know > loop-AES does, but I couldn't find anything about the kerneli > (cryptoapi/cryptoloop) modules. (For loop-AES, do a Google search for > it.) > > When encrypting swap, you need to make sure that you don't allocate new > memory. Otherwise, it may cause some swapping, which makes you do > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. Yes they do. I don't know if it's in the current release, but I wrote a sample rc script and notes on it which should be included in the package. I never build a machine without it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cryptoswap -- was Re: raw disk access
Hi! * Hubert Chan <[EMAIL PROTECTED]> [20030115 04:20]: > >>>>> "Rolf" == Rolf Kutz <[EMAIL PROTECTED]> writes: > Rolf> * Quoting Joshua SS Miller ([EMAIL PROTECTED]): > >> Cryptoswap? Hmm sound like something I was thinking about earlier > >> today. Do you have a good resource for this? > > Rolf> http://www.kerneli.org/index.php > > Do the kerneli modules (officially) work with encrypted swap? I know > loop-AES does, but I couldn't find anything about the kerneli > (cryptoapi/cryptoloop) modules. (For loop-AES, do a Google search for > it.) > > When encrypting swap, you need to make sure that you don't allocate new > memory. Otherwise, it may cause some swapping, which makes you do > encryption, which may allocate new memory, ad infinitum. loop-AES takes > care of that explicitly, by preallocating memory, but I don't think > cryptoapi/cryptoloop does, so you may be taking your chances with it. FUD alert! I like loop-AES, too, and would REALLY love general inclusion into Debian kernels, but this doesn't mean the authors of alternatives are/may be idiots. Please don't spread Fear, Uncertainty and Doubt without referring to facts you're sure of. Leave that to Mickeysoft ;) My EUR 0.02. Count -- Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine. Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228 Our Life is what our thinking makes it.. Your mind is a weapon! Load it .. msg08428/pgp0.pgp Description: PGP signature