SOP migration (was Re: Reaction to potential PGP schism)
Hi!

Daniel thanks for all your work on the OpenPGP working group, and on SOP! :)

On Wed, 2023-12-20 at 22:16:28 -0500, Daniel Kahn Gillmor wrote:
> # What Can Debian Do About This?
>
> I've attempted to chart one possible path out of part of this situation
> by proposing a minimized, simplified interface to some common baseline
> OpenPGP semantics -- in particular, the "Stateless OpenPGP" interface,
> or "sop", as documented here:
>
>    https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/

> If your part of Debian's infrastructure depends on GnuPG, consider
> making it depend on a sop implementation instead, so we don't end up
> stuck on a single OpenPGP implementation in the future. If the sop
> semantics are insufficient for your purposes, please report your needs
> at https://gitlab.com/dkg/openpgp-stateless-cli !

I think this is the way to go, and to try to support that goal I started a wiki page to track what might need to be switched:

https://gitlab.com/dkg/openpgp-stateless-cli/-/wikis/Stateless-OpenPGP-status

I listed there some potential issues I could come up with for such migrations. Also at the time, something that felt like a soft blocker was that the schism was not widely known, so having to give that full context first for every contacted project seemed a bit awkward, which now should be out of the way, and a reference to some of the published articles should be enough.

Time and energy permitting, I'd like to start at least filing issues for these projects, and ideally provide patches. Help with any of that would be highly appreciated! Including how to best integrate SOP into a distribution (I'll be updating one of the tickets for a potentially better «alternatives» usage pattern).

Also if a project uses perl, and using the Dpkg::OpenPGP modules would make sense there, please reach out so that we can see what might be missing so that they can be stabilized to make them public interfaces.

Thanks,
Guillem
Re: Reaction to potential PGP schism
Hi Daniel,

Quick backstory: I stayed away from hardware crypto for a long while since there were so many incompatibilities, partial support, or side patches to get basic things to work. Over time, it seems it got to a point where it's mainstream enough that you can buy a Yubikey without much of a second thought, and get GPG to work out of the box on it…

Daniel Kahn Gillmor (2023-12-20):
> OpenPGP implementations have generally learned from those failures, and
> many of them are now much more resilient and can support the kinds of
> upgrade path that we need to consider. For most of our
> signing/verifying-focused work, that means:
>
> - verifying tools should ignore signatures and certificates that they
>   don't understand, while still validating signatures from certificates
>   that they do understand
>
> - signing tools can make pairs of signatures, one "compatibility"
>   signature and one "modern" signature
>
> This means that for a debian signing/verification context, like package
> distribution, which has a global workflow, starting from an existing
> OpenPGP implementation, signing key and corresponding verification
> certificate, it looks like:
>
> 0) upgrade the signing tool, and start upgrading some of the
>    verification tooling.
>
> 1) create a new signing certificate with the new version, algorithm, or
>    feature.
>
> 2) distribute the old+new certificates for the verifiers.
>
> 3) make signatures with old+new in parallel
>
> 4) complete upgrade of all verification tooling
>
> 5) stop making signatures with old signing certificates

… what does this mean for anything that involves hardware-backed crypto? I'm thinking Yubikeys and the like, but also HSMs that might be on the critical path to sign things like GRUB, linux (at least for now), etc.

Even if we end up with a brand new gnupg release on the relevant signing host(s), I fear hardware devices might not feature all the bits that are needed for those new features?

Cheers,
--
Cyril Brulebois (k...@debian.org) <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant
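The six-step rollout quoted above, modelled as an added example (not code from this thread or from any OpenPGP implementation). Assumptions: HMAC-SHA256 stands in for real OpenPGP signatures, the version numbers 4 and 6 are only labels for the "compatibility" and "modern" formats, and every name in the code is hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

DATA = b"constructed archive index contents\n"  # constructed sample payload


@dataclass(frozen=True)
class Cert:
    cert_id: str
    version: int  # 4 = existing format, 6 = newer format (labels assumed for this model)
    key: bytes    # stand-in: one secret plays both signing key and certificate


@dataclass(frozen=True)
class Sig:
    issuer: str
    version: int
    mac: bytes


def sign(cert: Cert, data: bytes) -> Sig:
    """HMAC-SHA256 stands in for a real OpenPGP signature."""
    return Sig(cert.cert_id, cert.version,
               hmac.new(cert.key, data, hashlib.sha256).digest())


class Verifier:
    def __init__(self, supported_versions, strict=False):
        self.supported = set(supported_versions)
        self.strict = strict  # strict = fail on anything not understood
        self.certs = {}

    def import_certs(self, certs):
        # Keep only certificates this tool can parse; skip the rest.
        for cert in certs:
            if cert.version in self.supported:
                self.certs[cert.cert_id] = cert

    def verify(self, data: bytes, sigs) -> bool:
        good = 0
        for sig in sigs:
            cert = self.certs.get(sig.issuer)
            if sig.version not in self.supported or cert is None:
                if self.strict:
                    return False  # brittle: an unknown signature is fatal
                continue          # resilient: ignore what is not understood
            expected = hmac.new(cert.key, data, hashlib.sha256).digest()
            if hmac.compare_digest(expected, sig.mac):
                good += 1
        return good > 0  # at least one understood signature must validate


def rollout(legacy_strict=False, skip_step_4=False):
    """Walk steps 0-5 and record, per step, which verifiers accept DATA."""
    old = Cert("old-archive-key", 4, b"old-secret")
    new = Cert("new-archive-key", 6, b"new-secret")  # step 1 creates this
    # Step 0: part of the verifier fleet is already upgraded.
    fleet = {"legacy": Verifier({4}, strict=legacy_strict),
             "upgraded": Verifier({4, 6})}
    for verifier in fleet.values():
        verifier.import_certs([old])
    signers = [old]
    outcome = {}
    for step in range(6):
        if step == 2:                       # distribute old+new certificates
            for verifier in fleet.values():
                verifier.import_certs([old, new])
        elif step == 3:                     # sign with old+new in parallel
            signers = [old, new]
        elif step == 4 and not skip_step_4:  # all verifiers now upgraded
            del fleet["legacy"]
        elif step == 5:                     # stop signing with the old cert
            signers = [new]
        sigs = [sign(cert, DATA) for cert in signers]
        outcome[step] = {name: v.verify(DATA, sigs) for name, v in fleet.items()}
    return outcome


if __name__ == "__main__":
    scenarios = [("rollout as quoted", {}),
                 ("legacy verifier fails on unknown signatures", {"legacy_strict": True}),
                 ("old signatures dropped before step 4", {"skip_step_4": True})]
    for label, kwargs in scenarios:
        print(label)
        for step, result in rollout(**kwargs).items():
            print(f"  step {step}: {result}")
```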
Re: Reaction to potential PGP schism
Hi Gioele--

On Thu 2023-12-21 11:02:06 +0100, Gioele Barabucci wrote:
> On 21/12/23 04:16, Daniel Kahn Gillmor wrote:
> As the Uploader of rust-sequoia-openpgp, what do you think of the
> related sequoia-chameleon-gnupg project [1] (drop-in replacement for gpg
> that uses sequoia internally)?
>
> Would it work as a stop-gap measure while the Debian infrastructure
> moves from GnuPG to something else (to `sop`, for instance)?
>
> [1] https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg not yet in
> Debian AFAIK

Thanks for pointing this out! It looks interesting, but i've never used it (or even tested it) myself. I don't think it can be a completely perfect, feature-for-feature replacement for GnuPG, given the overwhelming complexity and peculiarity of the GnuPG interface, but I imagine it would work for some people, for some purposes.

I certainly wouldn't object to anyone packaging it for debian as long as it ships its binary interface someplace other than /usr/bin/gpg. Modulo dealing with the rust dependencies, that seems like an obviously reasonable and straightforward thing to try to do. I don't know how the "chameleon" would compare with GnuPG itself in terms of performance or some of the scaling concerns i mentioned in my earlier e-mail, but such a straightforward deployment should make it easy to test.

If you're asking about using /etc/alternatives or something like that to provide some sort of generic swapping capability, or a dpkg Provides:, such that /usr/bin/gpg on some systems would point toward the "chameleon", i would want to see some significant archive-wide testing done before we even consider inflicting that on our normal users. This would be the kind of thing that the experimental archive is designed for.

One of the ongoing challenges with GnuPG development is the fear of dropping or mis-handling some feature or flag or option or configuration that someone has stuffed into some script somewhere and completely forgotten about. GnuPG itself deals with this kind of problem regularly, and sometimes things like this do break during an upgrade. Clawing the way back from such a break actually ends up making the interface even more complex and surprising to those people who haven't seen how it accreted in the first place :/

It was scary enough to change /usr/bin/gpg to move from the 1.4 branch to the 2.x branch many years ago (we shipped the 2.0 branch as /usr/bin/gpg2, and only finally made /usr/bin/gpg update when the 2.1.x branch was sufficiently mature). And even then, we dealt with the fallout from that change for years (e.g. see /usr/bin/migrate-pubring-from-classic-gpg in the gnupg-utils package). The differences were enough that I resisted using /etc/alternatives to let each installation decide which package offered /usr/bin/gpg1, because of the dangerous side effects of switching back and forth (see #806904 for example, and the conversations at DebConf14).

I can only imagine that trying to ship the "chameleon" as /usr/bin/gpg would face some of the same challenges, probably even more severely.

At best, something like this would be a stop-gap, as you say. i wouldn't want the long-term health of *PGP functionality in debian to depend specifically on the command-line interface for /usr/bin/gpg, regardless of who is implementing it. Even GnuPG upstream appears to agree with this sentiment, as they encourage programmatic users of GnuPG to use libgpgme, which is supposed to hide some of the command-line complexity.

--dkg
Re: Reaction to potential PGP schism
Interesting point in this talk: The APT team is already working on non-PGP signatures.

https://wiki.debian.org/Teams/Apt/Spec/AptSign

I can see the advantages of that for release signatures which use a rarely changing set of keys.

However, I do not see any good alternative for PGP for personal signatures such as developer communication and maintainer uploads. PGP is really handy because once trust of the key fingerprint for a person is established, the person can easily make changes such as adding subkeys, editing the expiration date, revoking keys, etc. at any time. This would also be less convenient with a CMS-PKI-CA-hierarchy based system.

Regards
Stephan
Re: Reaction to potential PGP schism
On Wed, Dec 20, 2023 at 10:16:28PM -0500, Daniel Kahn Gillmor wrote:

> # Why is GnuPG on Debian's Critical Path?
>
> In 2023, I believe GnuPG is baked into our infrastructure largely due to
> that project's idiosyncratic interface. It is challenging even for a
> sophisticated engineer to figure out how to get GnuPG to (probably,
> hopefully!) fulfill a cryptographic task in their project. Once that is
> done, it's especially painful to consider moving to a different OpenPGP
> implementation, because the interface to another implementation rarely
> lines up cleanly with GnuPG's interface.

I maintain critical code that calls out to gnupg, in part because at the time I wrote it that was the only thing available, and in part because I'm supposed to offer the broadest possible compatibility with what other people in Debian are using, so if everyone else seems to use gnupg, gnupg is the first thing I would consider.

I hated and still hate every single moment I spent having to interface with gnupg. The protocol to interact with it is custom, idiosyncratic, poorly documented, and very hard to speak correctly.

When in the end I managed to make things work, I was always left with the feeling that there would still be a corner case that I missed, or that will be introduced in a future gnupg release, waiting to become a security issue in our infrastructure, despite having asked for peer review from appropriate people in Debian.

New releases make things harder rather than easier. Now gnupg is a mini-ecosystem of security-critical daemons that need to be brought up and killed, that may time out or run partly off sync with configuration, which adds even more know-how to the amount required to survive as downstream consumer of that one single "API".

I've been wanting for literally decades something with language bindings, or with a protocol that is built on existing well-known standards, outputting data that I can parse with an existing and tested parser library, using I/O channels that I can manage using an existing and tested communication library.

I hate it every single time I need to use gnupg, but still I use it because I understand it's what Debian has been expecting me to use, so I add that requirement to the pile of historical quirks that geologically accrete in our community, which make our barrier of entry so stylishly high, and make us appear oh so fearfully smart.

> # What Can Debian Do About This?
>
> If you are implementing or maintaining an OpenPGP implementation in
> debian, please consider encouraging upstream to add a sop frontend, and
> get it tested in the interop test suite!

This. I don't know if it should be sop or a protocol or a standard, but I'd like to see Debian clearly document its expectations on its crypto requirements, and stand behind it.

I personally believe that we should depend, for our core security, on an interoperable standard with multiple implementations rather than a project that follows the idiosyncrasies of a single isolated upstream.

Whatever we do, though, I want that to be official. As things stand I'll keep suffering with gnupg until at a DebConf I'll have at least 5 people look at me wide-eyed and say "are you still using THAT? Everyone moved to THIS instead!"

I'd like to ask for what mature OpenPGP implementations exist today, pick one I feel I can confidently control, and then when somebody comes and says "my gpg/$TOOL segfaults on your input", I want to be able to point them at a documented decision and say "please report a bug to $TOOL" instead of taking a week off to port everything again to gpg.

Thank you for all the work you've done on this over the years! I've appreciated it with great gratitude and a big hope that some day, thanks to you and others like you, those >=5 people at a DebConf will really look at me wide-eyed and show me a way out of the pit.

Enrico

--
GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini
Re: Reaction to potential PGP schism
On 21/12/23 04:16, Daniel Kahn Gillmor wrote:
> # What Can Debian Do About This?
>
> I've attempted to chart one possible path out of part of this situation
> by proposing a minimized, simplified interface to some common baseline
> OpenPGP semantics -- in particular, the "Stateless OpenPGP" interface,
> or "sop", as documented here:
>
>    https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/

Hi,

thanks for the detailed overview.

As the Uploader of rust-sequoia-openpgp, what do you think of the related sequoia-chameleon-gnupg project [1] (drop-in replacement for gpg that uses sequoia internally)?

Would it work as a stop-gap measure while the Debian infrastructure moves from GnuPG to something else (to `sop`, for instance)?

Regards,

[1] https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg not yet in Debian AFAIK

--
Gioele Barabucci
Re: Reaction to potential PGP schism
Thank you very much for your explanation

On Thu, Dec 21, 2023 at 2:13 AM, Christoph Biedl <debian.a...@manchmal.in-ulm.de> wrote:
> Daniel Kahn Gillmor wrote...
>
> (...)
>
> Thanks for your exhaustive description. I'd just like to point out one
> point:
>
> > In practice, i think it makes the most sense to engage with
> > well-documented, community-reviewed, interoperably-tested standards, and
> > the implementations that try to follow them. From my vantage point,
> > that looks like the OpenPGP projects that have continued to actively
> > engage in the IETF process, and have put in work to improve their
> > interoperability on the most sophisticated suite of OpenPGP tests that
> > we have (https://tests.sequoia-pgp.org/, maintained by the Sequoia
> > project for the community's benefit). Projects that work in that way
> > are also likely to benefit from smoother upgrades to upcoming work in
> > the IETF like post-quantum cryptographic schemes:
> >
> > https://datatracker.ietf.org/doc/draft-wussler-openpgp-pqc/
>
> There was a presentation at the recent MiniDebconf in Cambridge about
> post-quantum cryptography, including the consequences for Debian (that
> was by Andy Simpkins):
>
> https://wiki.debian.org/DebianEvents/gb/2023/MiniDebConfCambridge/Simpkins
>
> The key point AIUI is Debian must take precautions *very* *soon* as
> there's a realistic chance QC will - within the lifetime of trixie -
> evolve to a point where it seriously weakens the cryptographic security
> as we know it. In other words, Debian must prepare for PQC within the
> trixie development cycle, so within 2024.
>
> Therefore, my answer to "How can Debian deal with this [schism]?" is
> basically: Debian needs to change things in that area anyway, let's
> first find an implementation that provides what we need and has a sane
> implementation. If that means turning away from GnuPG, so be it. The
> transition will be painful anyway.
>
> Christoph
Re: Reaction to potential PGP schism
Daniel Kahn Gillmor wrote...

(...)

Thanks for your exhaustive description. I'd just like to point out one point:

> In practice, i think it makes the most sense to engage with
> well-documented, community-reviewed, interoperably-tested standards, and
> the implementations that try to follow them. From my vantage point,
> that looks like the OpenPGP projects that have continued to actively
> engage in the IETF process, and have put in work to improve their
> interoperability on the most sophisticated suite of OpenPGP tests that
> we have (https://tests.sequoia-pgp.org/, maintained by the Sequoia
> project for the community's benefit). Projects that work in that way
> are also likely to benefit from smoother upgrades to upcoming work in
> the IETF like post-quantum cryptographic schemes:
>
> https://datatracker.ietf.org/doc/draft-wussler-openpgp-pqc/

There was a presentation at the recent MiniDebconf in Cambridge about post-quantum cryptography, including the consequences for Debian (that was by Andy Simpkins):

https://wiki.debian.org/DebianEvents/gb/2023/MiniDebConfCambridge/Simpkins

The key point AIUI is Debian must take precautions *very* *soon* as there's a realistic chance QC will - within the lifetime of trixie - evolve to a point where it seriously weakens the cryptographic security as we know it. In other words, Debian must prepare for PQC within the trixie development cycle, so within 2024.

Therefore, my answer to "How can Debian deal with this [schism]?" is basically: Debian needs to change things in that area anyway, let's first find an implementation that provides what we need and has a sane implementation. If that means turning away from GnuPG, so be it. The transition will be painful anyway.

Christoph
Re: Reaction to potential PGP schism
hey folks--

[ This message won't make sense unless the reader distinguishes clearly between OpenPGP the protocol and GnuPG the implementation! As a community we have a history of fuzzily conflating the two terms, which is one of the reasons that we're in this mess today. Please read explicitly. ]

[ Background: for those who don't know, i've been a maintainer in debian of GnuPG and other OpenPGP-related tooling for several years, and i'm also the co-chair of the IETF's OpenPGP working group; i participated in many of the discussions that led to the current sorry situation, and it is happening despite my best efforts to avoid this problem. I'm probably as responsible for this situation as anyone in Debian is. My apologies. ]

The best outcome, in my opinion, would be for GnuPG to go ahead and implement the pending updated OpenPGP specification (the so-called "crypto-refresh"). I say this despite personally preferring some of the concrete ways that i think the GnuPG project would have preferred to (as indicated by the latest "LibrePGP" Internet-Draft, at least) diverge from the OpenPGP specification. There are enough other advantages to the OpenPGP crypto-refresh that it doesn't make sense for GnuPG to deliberately avoid implementing the community consensus. The GnuPG project clearly has all the underlying cryptographic and engineering capability to do this, if it wants to, and the OpenPGP crypto-refresh process took deliberate measures to avoid collisions with any prematurely deployed code that implements a draft that hadn't managed to reach a rough consensus.

Can debian make GnuPG interoperate with the rest of the OpenPGP ecosystem? Probably not without GnuPG's cooperation: it would be a substantial patchset to carry in Debian, and even trickier to do if GnuPG upstream sees such a patchset as hostile.

Read on below if you want to consider some other options.

Stephan Verbücheln wrote:
> As you probably know, Debian relies heavily on GnuPG for various
> purposes, including:
> - developer communication
> - signing of tarballs and patches
> - automated processes such as update validation by APT

Debian by policy and by mechanism relies heavily on the OpenPGP protocol for these things. And i'd also add certificate verification, aka "web of trust" for Debian developer identities to the list as well.

In particular, we use OpenPGP for cryptographic signing of software source, packaging information, archive control, and distribution mechanisms; for developer identities; and for cryptographic verification of all of these things. As a project, we don't make much use of the encryption/decryption parts of OpenPGP, since we develop mainly in the open.

But not everyone uses GnuPG for these purposes. There are multiple interoperable OpenPGP implementations in Debian beyond the GnuPG family (C), including RNP (C/C++), pgpainless (java), pgpy (Python), GOpenPGP (Go), hOpenPGP (haskell), and Sequoia (Rust).

But it is also true that the GnuPG implementation specifically is baked into some of our infrastructure. I'll get into why that is below (see "Why is GnuPG on Debian's Critical Path?").

> How can Debian deal with this? Should Debian intervene to prevent the
> worst?

I don't think Debian can make a specific intervention that will avoid the global problem, but i think there are things we can consider going forward.

One possible approach is to drop the use of OpenPGP (or "LibrePGP") entirely, and instead base our internal cryptographic dependencies on bespoke cryptographic implementations. I think that would be a mistake. I do not want Debian's long-term health to depend on any particular implementation. If the implementation fails then we would have to (as a project) decide on our own upgrade path. For a failure due to cryptanalytic advances, that can be particularly harrowing: I don't think we as a project have the necessary expertise to do that well. For failures due to buggy implementations, we can always patch, but i wonder about the amount of cryptanalytic review a bespoke implementation will have as opposed to publicly audited generic tooling.

If we have to decide as a project on LibrePGP vs. OpenPGP, i'd prefer the wider community project with a stable reference, functioning (albeit sometimes rough) consensus, a range of diverse implementations, and substantial public interoperability testing. That means OpenPGP.

To be clear, the IETF OpenPGP working group actively solicited input from the GnuPG team, and tried to work with the project as one significant implementation among many. But ultimately, the GnuPG project decided to break away from the community process, and created this "LibrePGP" split, which threatens interoperability for the *PGP ecosystem as a whole.

Maybe the end result of this will be to put a nail in *PGP's coffin, and we'll all just go back to bespoke cryptographic imp
Re: Reaction to potential PGP schism
On 17077 March 1977, Stephan Verbücheln wrote:

> How can Debian deal with this? Should Debian intervene to prevent the
> worst?

We, as Debian, look and wait what comes out. And then *MAY* at some point decide to add (or switch to) a new thing, if that appears better. Also, it will be a high bar for that.[1]

Individuals, including Debian developers, are - of course - free to jump in and take part in this.

[1] not counting the usage/scriptability of gnupg, that bar is somewhere down DEEEP in the earth, it's so horrible.

--
bye, Joerg
Re: Reaction to potential PGP schism
Hi,

Personal view here.

Stephan Verbücheln wrote on 14/12/2023 at 11:29:17+0100:

> [[PGP Signed Part:No public key for 603542590A3C7C62 created at
> 2023-12-14T11:29:17+0100 using EDDSA]]
> Hello everyone
>
> As you probably know, Debian relies heavily on GnuPG for various
> purposes, including:
> - developer communication
> - signing of tarballs and patches
> - automated processes such as update validation by APT
>
> The OpenPGP Working Group at IETF is currently working on a new
> standard.
>
> https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/
>
> Due to different opinions, some people (including notably the GnuPG
> team) have quit the IETF Working Group and proposed their own LibrePGP
> standard.
>
> https://librepgp.org/
>
> Notably remaining in the IETF Working Group are people from Proton Mail
> (maintaining OpenPGP.JS) and Sequoia PGP (free implementation in Rust).
>
> The disagreements are about details such as algorithms and file formats
> which make both standards incompatible.
>
> How can Debian deal with this?

By doing nothing.

> Should Debian intervene to prevent the worst?

No.

--
PEB
Reaction to potential PGP schism
Hello everyone

As you probably know, Debian relies heavily on GnuPG for various purposes, including:
- developer communication
- signing of tarballs and patches
- automated processes such as update validation by APT

The OpenPGP Working Group at IETF is currently working on a new standard.

https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/

Due to different opinions, some people (including notably the GnuPG team) have quit the IETF Working Group and proposed their own LibrePGP standard.

https://librepgp.org/

Notably remaining in the IETF Working Group are people from Proton Mail (maintaining OpenPGP.JS) and Sequoia PGP (free implementation in Rust).

The disagreements are about details such as algorithms and file formats which make both standards incompatible.

How can Debian deal with this? Should Debian intervene to prevent the worst?

Regards
Stephan
Re: PGP/GnuPG unsecure, should be replaced?
On Thu, Jul 25, 2019 at 06:31:34PM +1200, Pieter le Roux wrote:
> Good idea! Change something because it works!

Hi,

there is sqv from Sequoia PGP: https://sequoia-pgp.org/

Yours,
VB.

--
Volker Birk, p≡p project
mailto:v...@pep-project.org
https://pep.software
Re: PGP/GnuPG unsecure, should be replaced?
Good idea! Change something because it works!

Any change we can make it part of systemd?

My emoticon for being sarcastic: OO|OO

On 19/07/19 11:34 PM, Stephan Seitz wrote:
> Hi!
>
> I found the following article about PGP/GnuPG:
> https://latacora.singles/2019/07/16/the-pgp-problem.html
>
> In short you should drop GnuPG because it doesn’t do anything really
> the right way. It should be replaced with different tools for
> different situations.
>
> Debian is using GnuPG for signing files. From the article:
>
> Signing Packages
>
> Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what
> OpenBSD uses to sign packages. It’s extremely simple and uses modern
> signing. Minisign, from Frank Denis, the libsodium guy, brings the
> same design to Windows and macOS; it has bindings for Go, Rust,
> Python, Javascript, and .NET; it’s even compatible with Signify.
>
> What do you think?
>
> Shade and sweet water!
>
> Stephan
>
Re: PGP/GnuPG unsecure, should be replaced?
I must have picked that up somewhere I didn't check when I was younger and just took it as fact leading to fail :( Sorry!

I am not a cryptographic expert - IANACE??

Iain

On Sun, Jul 21, 2019 at 8:11 PM Elmar Stellnberger wrote:

> Why do you think that TwoFish is bad? It was invented by Bruce Schneier
> and was in the last round of the AES competition. I believe it to be the
> better choice than AES.
> On 20.07.19 at 21:41, Iain Grant wrote:
>
> 2 fish... that in itself is bad. AES, sure let's all be ok about
> that.
>
> I also read the article and I realise I still rely on gpg far too much and
> that I need to wean myself off of it!
>
>
> Iain
>
> On Sat, Jul 20, 2019 at 8:33 PM qmi (list) wrote:
>
>> Hi,
>>
>> On 7/19/19 1:34 PM, Stephan Seitz wrote:
>> > I found the following article about PGP/GnuPG:
>> > https://latacora.singles/2019/07/16/the-pgp-problem.html
>> >
>> > In short you should drop GnuPG because it doesn’t do anything really
>> > the right way. It should be replaced with different tools for
>> > different situations.
>>
>> I checked that article. For e.g. the article says, "If you’re lucky,
>> your local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher
>> in CFB, ..."
>>
>> Wrong. The current implementation of GnuPG shipped by Debian Buster -
>> version 2.2.12 - does support modern cryptographic standards for
>> symmetric encryption, not only CAST5. For e.g., it does support twofish
>> and aes. Both of which use 128-bit block sizes, AFAIK. See command
>> output for gpg below about supported algorithms:
>>
>> "
>>
>> qmi@qmiacer:~$ gpg --version
>>
>> gpg (GnuPG) 2.2.12
>> (...)
>> Supported algorithms:
>> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
>> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
>> CAMELLIA128, CAMELLIA192, CAMELLIA256
>> (...)
>> "
>>
>> So it's good enough, apparently.
>>
>> >
>> > Debian is using GnuPG for signing files. From the article:
>> >
>> > Signing Packages
>> >
>> > Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what
>>
>> You may be right, though. That tool might have better bindings for
>> modern programming languages.
>>
>> Regards,
>> --
>> qmi
>> Email: li...@miklos.info
>>
>>
Re: PGP/GnuPG unsecure, should be replaced?
Why do you think that TwoFish is bad? It was invented by Bruce Schneier and was in the last round of the AES competition. I believe it to be the better choice than AES.

On 20.07.19 at 21:41, Iain Grant wrote:
> 2 fish... that in itself is bad. AES, sure let's all be ok about that.
>
> I also read the article and I realise I still rely on gpg far too much and that I need to wean myself off of it!
>
> Iain
>
> On Sat, Jul 20, 2019 at 8:33 PM qmi (list) <li...@miklos.info> wrote:
>
>> Hi,
>>
>> On 7/19/19 1:34 PM, Stephan Seitz wrote:
>> > I found the following article about PGP/GnuPG:
>> > https://latacora.singles/2019/07/16/the-pgp-problem.html
>> >
>> > In short you should drop GnuPG because it doesn’t do anything really
>> > the right way. It should be replaced with different tools for
>> > different situations.
>>
>> I checked that article. For e.g. the article says, "If you’re lucky, your local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher in CFB, ..."
>>
>> Wrong. The current implementation of GnuPG shipped by Debian Buster - version 2.2.12 - does support modern cryptographic standards for symmetric encryption, not only CAST5. For e.g., it does support twofish and aes. Both of which use 128-bit block sizes, AFAIK. See command output for gpg below about supported algorithms:
>>
>> "
>> qmi@qmiacer:~$ gpg --version
>> gpg (GnuPG) 2.2.12
>> (...)
>> Supported algorithms:
>> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
>> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
>> CAMELLIA128, CAMELLIA192, CAMELLIA256
>> (...)
>> "
>>
>> So it's good enough, apparently.
>>
>> >
>> > Debian is using GnuPG for signing files. From the article:
>> >
>> > Signing Packages
>> >
>> > Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what
>>
>> You may be right, though. That tool might have better bindings for modern programming languages.
>>
>> Regards,
>> --
>> qmi
>> Email: li...@miklos.info
Re: PGP/GnuPG unsecure, should be replaced?
li...@miklos.info transcribed 1.4K bytes on 20-Jul-2019 21:25:
>
> I checked that article. For e.g. the article says, "If you’re lucky, your
> local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher in CFB,
> ..."
>
> Wrong. The current implementation of GnuPG shipped by Debian Buster -
> version 2.2.12 - does support modern cryptographic standards for symmetric
> encryption, not only CAST5. For e.g., it does support twofish and aes. Both
> of which use 128-bit block sizes, AFAIK. See command output for gpg below
> about supported algorithms:

"defaults to" and "supports" are two different words with two different meanings. GnuPG's history is full of new features getting developed while insecure defaults being kept.

I think, before moving to something completely new, like signify, moving to something like Sequoia PGP (https://sequoia-pgp.org), might be a good first step, as it fits better with the already existing infrastructure

Sincerely,

Malte
Re: PGP/GnuPG unsecure, should be replaced?
2 fish... that in itself is bad. AES, sure let's all be ok about that.

I also read the article and I realise I still rely on gpg far too much and that I need to wean myself off of it!

Iain

On Sat, Jul 20, 2019 at 8:33 PM qmi (list) wrote:

> Hi,
>
> On 7/19/19 1:34 PM, Stephan Seitz wrote:
> > I found the following article about PGP/GnuPG:
> > https://latacora.singles/2019/07/16/the-pgp-problem.html
> >
> > In short you should drop GnuPG because it doesn’t do anything really
> > the right way. It should be replaced with different tools for
> > different situations.
>
> I checked that article. For e.g. the article says, "If you’re lucky,
> your local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher
> in CFB, ..."
>
> Wrong. The current implementation of GnuPG shipped by Debian Buster -
> version 2.2.12 - does support modern cryptographic standards for
> symmetric encryption, not only CAST5. For e.g., it does support twofish
> and aes. Both of which use 128-bit block sizes, AFAIK. See command
> output for gpg below about supported algorithms:
>
> "
>
> qmi@qmiacer:~$ gpg --version
>
> gpg (GnuPG) 2.2.12
> (...)
> Supported algorithms:
> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
> CAMELLIA128, CAMELLIA192, CAMELLIA256
> (...)
> "
>
> So it's good enough, apparently.
>
> >
> > Debian is using GnuPG for signing files. From the article:
> >
> > Signing Packages
> >
> > Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what
>
> You may be right, though. That tool might have better bindings for
> modern programming languages.
>
> Regards,
> --
> qmi
> Email: li...@miklos.info
>
>
Re: PGP/GnuPG unsecure, should be replaced?
Hi,

On 7/19/19 1:34 PM, Stephan Seitz wrote:
> I found the following article about PGP/GnuPG:
> https://latacora.singles/2019/07/16/the-pgp-problem.html
>
> In short you should drop GnuPG because it doesn’t do anything really
> the right way. It should be replaced with different tools for
> different situations.

I checked that article. For e.g. the article says, "If you’re lucky, your local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher in CFB, ..."

Wrong. The current implementation of GnuPG shipped by Debian Buster - version 2.2.12 - does support modern cryptographic standards for symmetric encryption, not only CAST5. For e.g., it does support twofish and aes. Both of which use 128-bit block sizes, AFAIK. See command output for gpg below about supported algorithms:

"
qmi@qmiacer:~$ gpg --version
gpg (GnuPG) 2.2.12
(...)
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
(...)
"

So it's good enough, apparently.

> Debian is using GnuPG for signing files. From the article:
>
> Signing Packages
>
> Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what

You may be right, though. That tool might have better bindings for modern programming languages.

Regards,
--
qmi
Email: li...@miklos.info
PGP/GnuPG unsecure, should be replaced?
Hi!

I found the following article about PGP/GnuPG:
https://latacora.singles/2019/07/16/the-pgp-problem.html

In short you should drop GnuPG because it doesn’t do anything really the right way. It should be replaced with different tools for different situations.

Debian is using GnuPG for signing files. From the article:

Signing Packages

Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what OpenBSD uses to sign packages. It’s extremely simple and uses modern signing. Minisign, from Frank Denis, the libsodium guy, brings the same design to Windows and macOS; it has bindings for Go, Rust, Python, Javascript, and .NET; it’s even compatible with Signify.

What do you think?

Shade and sweet water!

Stephan

--
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |
Re: make-pgp-clean-room suggestions / patches
(continued from https://lists.debian.org/debian-security/2017/11/msg9.html )

I seem to be banned from contacting Daniel Pocock by his spam filter, so I decided to write my own scripts, which turned into a rather bigger project than I'd planned on.

Note that while this takes no code from his version, I am *not* trying to start an ongoing independent project: in addition to the generic fragmenting-effort-is-bad reasons, I don't want to be a repository owner of something this sensitive.

Features:
- Image creation first creates a local mirror of the needed packages then runs live-build without networking, to work around #718225 (live-build not always authenticating its downloads) and allow building an image from within the liveCD.
- Key media can be USB sticks or CDs/DVDs (using the toram parameter to allow removing the boot liveCD). They are kept in sync by startup/shutdown scripts (i.e. _not_ RAIDed).
- Plays an anti-acoustic-cryptanalysis sound during passphrase entry.
- RAM wiping, by either a "fill memory" option of the shutdown script, or memtest86+ (more thorough, but requires BIOS (not EFI) boot and remembering to reboot into it).
- Integrity check of the main system: check that file contents are what the packages say they should be. (Unlike tiger's deb_checkmd5sums, if you have the package file in the APT cache this verifies the whole chain back to the liveCD's debian-archive-keyring.)

Known issues:
- Originally designed for my own use: has hardcoded assumptions that are not appropriate for general use. (As it stands, it probably won't even build on systems other than mine, due to the usernames/paths in reproduce.sh / mirror_check_update.py )
- Less focused on ease of use than the original proposal: lacks a menu system.
Networking and Bluetooth are currently hard-disabled by simply omitting the relevant kernel modules from the liveCD (because I didn't fancy an hours-long kernel recompile): this seems to work, but it might be better to do this in a more official way. gpglive.tar.xz Description: application/xz gpglive.tar.xz.sig Description: PGP signature
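The index part of the chain mentioned in the integrity-check item of the message above, as an added example (not code from gpglive.tar.xz or from any Debian tool): it checks a package file against a Packages index and that index against a Release file. It assumes the Release file's signature has already been verified against debian-archive-keyring (for instance with gpgv); the package name and all sample data are constructed.

```python
"""Added example: follow apt's hash chain from a Release file to one .deb."""
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_release_sha256(release_text: str) -> dict:
    """Map each path in the Release file's SHA256: block to (digest, size)."""
    entries, in_block = {}, False
    for line in release_text.splitlines():
        if line.startswith("SHA256:"):
            in_block = True
        elif in_block and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            # Any other field (MD5Sum:, Suite:, ...) ends the SHA256 block.
            in_block = False
    return entries


def parse_packages(packages_text: str) -> dict:
    """Map each stanza's Filename to its fields (continuation lines skipped)."""
    index = {}
    for stanza in packages_text.strip().split("\n\n"):
        fields = {}
        for line in stanza.splitlines():
            if line[:1] in (" ", "\t"):
                continue
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
        if "Filename" in fields:
            index[fields["Filename"]] = fields
    return index


def verify_chain(release_text, packages_path, packages_bytes, deb_name, deb_bytes):
    """Return a list of problems; an empty list means every link matched."""
    listed = parse_release_sha256(release_text).get(packages_path)
    if listed is None:
        return [f"{packages_path}: not listed in Release"]
    digest, size = listed
    if len(packages_bytes) != size or sha256_hex(packages_bytes) != digest:
        # Stop here: an index that fails this check must not be parsed or trusted.
        return [f"{packages_path}: does not match Release"]
    entry = parse_packages(packages_bytes.decode("utf-8")).get(deb_name)
    if entry is None:
        return [f"{deb_name}: not listed in Packages"]
    problems = []
    if int(entry.get("Size", -1)) != len(deb_bytes):
        problems.append(f"{deb_name}: size differs from Packages")
    if entry.get("SHA256") != sha256_hex(deb_bytes):
        problems.append(f"{deb_name}: SHA256 differs from Packages")
    return problems


def build_sample():
    """Constructed sample data: a stand-in .deb plus matching indexes."""
    deb_name = "pool/main/e/example/example_1.0_all.deb"  # hypothetical package
    deb = b"constructed stand-in for the bytes of a .deb file"
    packages = (
        "Package: example\nVersion: 1.0\nArchitecture: all\n"
        f"Filename: {deb_name}\nSize: {len(deb)}\nSHA256: {sha256_hex(deb)}\n"
        "Description: constructed entry\n for this example only\n"
    ).encode("utf-8")
    packages_path = "main/binary-amd64/Packages"
    release = (
        "Origin: Example\nSuite: stable\n"
        "MD5Sum:\n 00000000000000000000000000000000 1 ignored/Packages\n"
        f"SHA256:\n {sha256_hex(packages)} {len(packages)} {packages_path}\n"
    )
    return release, packages_path, packages, deb_name, deb


if __name__ == "__main__":
    release, path, packages, name, deb = build_sample()
    print("intact:", verify_chain(release, path, packages, name, deb))
    print("tampered .deb:", verify_chain(release, path, packages, name, deb + b"!"))
    print("tampered index:", verify_chain(release, path, packages + b"\n", name, deb))
```

The last link, comparing installed files with the contents of the verified .deb, is not covered here.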
make-pgp-clean-room suggestions / patches
Background: my sponsor suggested that I apply for DM over a year ago, and the reason I haven't done so is that I'm not sure my security is up to it, given that anyone who hacks a DM can upload a Trojan. I only own one computer [0] (meaning it gets used for everything from contributing to casual web browsing and reading often-spam email) and my skills are at the maths-not-sysadmin end of programming. I have recently been reading up on security with intent to resolve this. Given the very security-sensitive nature of this project, can you point me to (or create) some proof that the person behind it is Pocock-the-DD? If such already exists, I can't find it: neither the announcement messages [2] nor the commits are signed, there isn't a Debian package, and Alioth doesn't show the userid (the one where lack of -guest = DD) of commits anywhere I can find. Is it appropriate for new contributors to edit this project's wiki page [9]? If yes, I would probably add some of this there. Is the reason this is still a jessie image simply "nobody has touched it since stretch release", or does it actually break in stretch? paperkey doesn't straightforwardly work with GnuPG2 keys [3]; I don't know if there's a way round this or whether printing "base64 ~/.gnupg/private-keys-v1.d/[keygrip]" (in an OCR-friendly font, it's ~3000 characters per RSA4096 key) would be a better suggestion. Removing networking: this boots for me, but I haven't tested it much beyond that, or checked whether it actually does disable networking (there are some built-in net modules, which it won't remove, and it also might need an initramfs update). Warning: make sure this is a chroot hook, not a binary hook! 
config/hooks/live/0020-delete-network-modules.hook.chroot:

    #!/bin/sh
    rm -rf /lib/modules/*/kernel/net
    rm -rf /lib/modules/*/kernel/drivers/net
    rm -rf /lib/modules/*/kernel/drivers/bluetooth

- usbguard tool for choosing what USB devices to allow [4]:
-Each rule allows a kind of USB device, which can be as general as "all printers" or as specific as "Yubikey serial #xxx" (a tool is provided to generate the latter kind for the currently connected devices).
-A rule may allow either an unlimited number of its kind of device or only one, but the latter is "first one found wins", *not* "if there's more than one, block them all".
-There is a global setting for whether the rules apply to devices already present at boot time (default off).

Given that the obvious way for malicious USB firmware to get into the rest of the system is for the infected device to claim to be a keyboard, and we don't want to totally block USB keyboards because this will often block the only real keyboard, the best setup for a distributable image is probably "allow all at boot, only classes 7,8,9,B (printer, storage, hub, smart card) after" and tell the user not to insert the data-transfer USB stick until after booting (a good idea anyway to make sure you can't *boot* from malicious content on that stick). This would be (untested!) adding usbguard to the package list and resources/config/includes.chroot/etc/usbguard/rules.conf:

    allow with-interface equals { 07:*:* }
    allow with-interface equals { 08:*:* }
    allow with-interface equals { 09:*:* }
    allow with-interface equals { 0b:*:* }

For users generating their own image, we could also offer the option of "only classes 7,8,9,B plus (if needed) my particular USB keyboard, including at boot", but this would be a lower priority.

The Intel ME/AMT issue:
-It nominally doesn't use wireless unless either the OS does or it's been explicitly told to [5].
-Check whether it's on [6], and if it is, ask the user to turn it off in the BIOS settings before proceeding?
-Actually deleting it is claimed to be possible [7], but involves physically connecting a programmer to the flash chip (~$40 of hardware, on some laptops disassembling parts that weren't meant for end users to disassemble, and may brick the system if you make a mistake). I haven't investigated the AMD equivalent. As these don't cover all places malicious firmware could be hiding, there would be some benefit to using a dedicated computer for this (possibly an ARM board to have less firmware in the first place, but live-build can't cross build), but given that an attacker sophisticated enough to try a firmware attack may well also be sophisticated enough to try modifying your package on your main system and waiting for you to sign it (which isn't outright stealing your key but is still a way to sneak malware into the archive), a better split for a DD with two machines might be "all development on one, browsing/gaming/general entertainment on the other". A possible "what else is a separate extra-high-security install useful for?" feature: an option to run a rootkit scan (e.g. chkrootkit) and/or integrity check (e.g. tiger deb_checkmd5sums [8]) on
Re: [SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice
On 7 June 2015 21:00:01 CEST, Thijs Kinkhorst th...@debian.org wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Debian Security Advisory DSA-3281-1    secur...@debian.org
> http://www.debian.org/security/        Thijs Kinkhorst
> June 7, 2015                           http://www.debian.org/security/faq
>
> This is a notice that the Debian security team has changed its PGP/GPG contact key because of a periodic regular key rollover.
>
> The new key's fingerprint is:
> 0D59 D2B1 5144 766A 14D2 41C6 6BAF 400B 05C3 E651
>
> The creation date is 2015-01-18 and it has been signed by the previous Security Team contact key and several individual team members.
>
> Please use the new key from now on for encrypted communication with the Debian Security Team. You can obtain the new key from a keyserver, e.g., http://pgp.surfnet.nl/pks/lookup?op=vindexsearch=0x0D59D2B15144766A14D241C66BAF400B05C3E651
>
> Our website has been updated to reflect this change.
>
> Note that this concerns only the key used for communication with the team. The keys used to sign the security.debian.org APT archive or the keys used to sign the security advisories have not changed.
>
> Further information is available at https://www.debian.org/security/.
>
> Mailing list: debian-security-annou...@lists.debian.org
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/20150607190001.a5a4593...@kinkhorst.com

--
Sent from my phone with K-9 Mail.
Re: Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
Hi,

* Arthur de Jong adej...@debian.org [2012-09-16 21:03]:
> On Fri, 2012-09-14 at 10:31 +0200, Nico Golde wrote:
> > I just want to point out though that as far as I know you can't send an announcement mail to this list without a fake DSA id.
>
> Perhaps it is an idea to also reject mails with a DSA id already issued? That could save a few problems. Judging by the mail archives 20 DSA ids were used more than once in the last few years.

I opened a bug report for this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687935

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
Re: Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
On Fri, 2012-09-14 at 10:31 +0200, Nico Golde wrote:
> I just want to point out though that as far as I know you can't send an announcement mail to this list without a fake DSA id.

Perhaps it is an idea to also reject mails with a DSA id already issued? That could save a few problems. Judging by the mail archives 20 DSA ids were used more than once in the last few years.

--
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --
Re: [SECURITY] [DSA 2548-1] Debian Security Team PGP/GPG key change notice
~smi~

Nico Golde n...@debian.org wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Debian Security Advisory DSA-2548-1    secur...@debian.org
> http://www.debian.org/security/        Nico Golde
> September 13, 2012                     http://www.debian.org/security/faq
>
> This is a notice to inform you, that our previous PGP/GPG key expired.
>
> The fingerprint of the *old* key is:
> 2764 4A76 61FD 9614 BCD6 844F 370E 2BFC 68B6 4E0D
>
> The *new* key fingerprint is:
> BACB 4B5C 30AC 38F3 19EE 961E 2702 CAEB 90F8 EEC5
>
> Please use the new key from now on for encrypted communication with the Debian Security Team. Please obtain the new key from a keyserver, e.g., http://pgp.surfnet.nl/pks/lookup?op=vindexsearch=0xBACB4B5C30AC38F319EE961E2702CAEB90F8EEC5
>
> Our website will be updated shortly to reflect this change.
>
> Further information is available at http://www.debian.org/security/.
>
> Mailing list: debian-security-annou...@lists.debian.org
>
> Archive: http://lists.debian.org/20120913103312.ga28...@ngolde.de
Re: Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
Hi,

* David Prévot taf...@debian.org [2012-09-14 03:30]:
> On 13/09/2012 06:33, Nico Golde wrote:
> > Debian Security Advisory DSA-2548-1    secur...@debian.org
> > http://www.debian.org/security/        Nico Golde
> > September 13, 2012                     http://www.debian.org/security/faq
> >
> > This is a notice to inform you, that our previous PGP/GPG key expired.
>
> Thanks for notifying us on debian-security-announce@l.d.o, but I disagree that such an announcement deserves a DSA number. DSA-2360 was also a misuse of a DSA number IMHO, and would have deserved a copy on wider audience (e.g. on debian-announce@l.d.o).
>
> Please don't hesitate to get in touch with the press or publicity team next time you prepare a big announcement.

I honestly can think of better use of my time than discussing this. I just want to point out though that as far as I know you can't send an announcement mail to this list without a fake DSA id.

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0
Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi,

On 13/09/2012 06:33, Nico Golde wrote:
> Debian Security Advisory DSA-2548-1    secur...@debian.org
> http://www.debian.org/security/        Nico Golde
> September 13, 2012                     http://www.debian.org/security/faq
>
> This is a notice to inform you, that our previous PGP/GPG key expired.

Thanks for notifying us on debian-security-announce@l.d.o, but I disagree that such an announcement deserves a DSA number. DSA-2360 was also a misuse of a DSA number IMHO, and would have deserved a copy on wider audience (e.g. on debian-announce@l.d.o).

Please don't hesitate to get in touch with the press or publicity team next time you prepare a big announcement.

Regards

David

Archive: http://lists.debian.org/5052882f.7060...@debian.org
Re: Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
Hi David,

On Fri, September 14, 2012 03:28, David Prevot wrote:
> > This is a notice to inform you, that our previous PGP/GPG key expired.
>
> Thanks for notifying us on debian-security-announce@l.d.o, but I disagree that such an announcement deserves a DSA number. DSA-2360 was also a misuse of a DSA number IMHO, and would have deserved a copy on wider audience (e.g. on debian-announce@l.d.o).
>
> Please don't hesitate to get in touch with the press or publicity team next time you prepare a big announcement.

Well, this is of course how we 'always' do it. I'm not sure I understand: why is it a problem to use (even misuse?) a number? They are free and we have ample supply.

I doubt a technicality like a key rollover, which is only relevant for people actively conversing with the security team, is useful to post to debian-announce.

Cheers,
Thijs

Archive: http://lists.debian.org/6a6d36035560b0b170b587b5751eecb0.squir...@wm.kinkhorst.nl
Re: Handling personal/self(WebOfTrust) pgp/gpg private keys.
Is there any suggestions as to where I could get reliable information related to this topic? For example what do Debian Developers do with their private keys?

Well, I might as well try and take a stab at it. I'll rate my suggestions from 1 to 5 based on how well I understand the issue: a 1 would indicate that I'm not at all sure about this advice and a 5 would indicate I've been told to do this and had myself and others report success/problems with it.

5. Use a symmetric pass-phrase to encrypt your key.
5. Don't forget your pass-phrase.
4. Generate a revocation for use if you lose your key.
2. store a revocation in multiple locations.
4. Protect yourself from someone stealing/using your revocation.
3. It may defeat the purpose of having a revocation if it has a symmetric pass-phrase.
5. Choose a strong pass-phrase, I use apg.

    che...@overrun:~$ apg
    Please enter some random data (only first 8 are significant)
    (eg. your old password):/I typed test/
    Rappern2 (Rapp-ern-TWO)
    UgCijAc7 (Ug-Cij-Ac-SEVEN)
    EevfibOpud7 (Eev-fib-Op-ud-SEVEN)
    Ewyevdat8 (Ew-yev-dat-EIGHT)
    9Wrivyeaheny (NINE-Wriv-yea-hen-y)
    MimGufIbrIv2 (Mim-Guf-Ibr-Iv-TWO)

5. Make sure your key is stored on very reliable media.
1. Store your key in multiple locations or on a few computers.
4. Use removable media and a secure safe for a backup.
1. Perhaps using different pass-phrase.
1. Don't bother to change your pass-phrase.
5. Change your pass-phrase if it should ever be discovered.
1. Store your key on a trusted *shell that all your boxes have access to.
1. Use ssh-agent on your local system to 'fetch'/ssh-add the key over ssh.
3. Don't ever store your keys in NV storage on a portable device.
2: Don't store your keys on a desktop system in your home or anywhere else if theft could be a problem.
* A shell being a highly reliable shell account on a server. (Some examples/suggestions would be nice)

On Wed, Jun 24, 2009 at 2:18 AM, Mike Mestnik che...@visi.com wrote:
> Are there any guide lines for the Web-Of-Trust projects surrounding Debian or in general?
>
> I have had a number of problems with private keys over these past years that I've used PKI, forgetting the password, loosing(what partition/server/drive) the file, drive corruption, accidental deletes.
>
> I've recently lost my job and thus my work related pgp key that I've used for my work email address and several work related PKIs. Thus I'm at a point where I can once again start fresh and not wanting to repeat previous mistakes I wanted to get some vector on what are good ideas and what ideas would sound good but be vary bad.
Handling personal/self(WebOfTrust) pgp/gpg private keys.
Are there any guidelines for the Web-Of-Trust projects surrounding Debian or in general?

I have had a number of problems with private keys over these past years that I've used PKI: forgetting the password, losing (what partition/server/drive) the file, drive corruption, accidental deletes.

I've recently lost my job and thus my work related pgp key that I've used for my work email address and several work related PKIs. Thus I'm at a point where I can once again start fresh and not wanting to repeat previous mistakes I wanted to get some vector on what are good ideas and what ideas would sound good but be very bad.
Re: PGP key to use to contact the Security Team
Joey Schulze once wrote:
> Simon Valiquette wrote:
> > In the Securing Debian Manual, the key id to use to send an encrypted email to the security team is 363CCD95, but on the following link, it is F2E861A3 that is listed instead.
> >
> > http://www.debian.org/security/faq.en.html#contact
>
> Maybe the Securing Debian Manual is not up-to-date with regards to the security contact key?

I know, but since both keys were still valid, there was nothing either to indicate that it was the FAQ page which was wrong.

> > 1. Do both keys are still valid?
>
> You should use 0x/F2E861A3.

Thank you, I will fix the Securing Debian Manual about it.

> > 2. If the key F2E861A3 is legitimate (which I think it is because I have a trust path to it), wouldn't it makes sense to sign it with the old key as well? Or alternatively by 3 members of the security team instead of just one?
>
> old key would refer to 0x3682B5DF which expired on February 1st 2007 and is the predecessor to the current key.

It would be kind of late to sign the current key with it only now, but it can make sense to sign the next key with F2E861A3 before it expires. Unless it is revoked, it would show quite clearly the intent and makes faking a new key much more difficult.

Alternatively, announcing the new key once a year on debian-security in a signed email would do it, as we would be able to easily google for the key and check if it is legitimate. People writing documentation would also notice the change a lot more quickly.

The idea is that it is actually too easy for a single person to fake a new key ID, and too difficult to check its legitimacy as the only public reference to it was the security FAQ page. Another solution is to have 3 people from the security team signing the key, as that would increase enough the trustfulness of the key.

Simon Valiquette
Re: PGP key to use to contact the Security Team
Simon Valiquette wrote:
> Hello,
>
> I am finishing the French translation of the Securing Debian Manual, and I noticed something about the key to use to contact the Debian Security Team.
>
> In the Securing Debian Manual, the key id to use to send an encrypted email to the security team is 363CCD95, but on the following link, it is F2E861A3 that is listed instead.
>
> http://www.debian.org/security/faq.en.html#contact

Maybe the Securing Debian Manual is not up-to-date with regards to the security contact key?

> 1. Do both keys are still valid?

You should use 0x/F2E861A3.

> 2. If the key F2E861A3 is legitimate (which I think it is because I have a trust path to it), wouldn't it makes sense to sign it with the old key as well? Or alternatively by 3 members of the security team instead of just one?

old key would refer to 0x3682B5DF which expired on February 1st 2007 and is the predecessor to the current key.

> 3. The key F2E861A3 claims to have been created on 2007-07-29 and is set to expire on 2009-02-18. So could someone clarify what will happens after it expire in six weeks? Will it be replaced by a new key, or will the expiration date simply be changed?

It will be replaced by a newer key, as has happened with the security key before.

Regards,

Joey

--
WARNING: Do not execute! This call violates patent DE10108564.
http://www.elug.de/projekte/patent-party/patente/DE10108564

wget -O patinfo-`date +%Y%m%d`.html http://patinfo.ffii.org/
Re: PGP key to use to contact the Security Team
On Mon, Dec 29, 2008 at 03:50:48PM +0100, Kurt Roeckx wrote:
On Mon, Dec 29, 2008 at 07:32:47AM -0500, Simon Valiquette wrote:

So here are my questions:

1. Do both keys are still valid?

2. If the key F2E861A3 is legitimate (which I think it is because I have a trust path to it), wouldn't it makes sense to sign it with the old key as well? Or alternatively by 3 members of the security team instead of just one?

3. The key F2E861A3 claims to have been created on 2007-07-29 and is set to expire on 2009-02-18. So could someone clarify what will happens after it expire in six weeks? Will it be replaced by a new key, or will the expiration date simply be changed?

3. If the old key 363CCD95 is not used anymore, is there any reasons for not revoking it?

4. Why is 363CCD95 on keyring.debian.org but F2E861A3 isn't?

There is an outstanding RT ticket (#353) open for removing 363CCD95 from keyring.debian.org. I have asked for a revocation certificate for it if it's no longer in use and if a newer key should be included, but received no reply so have made no changes.

J.

--
Web [ Reality is for people with no grasp of fantasy.] site: http:// [ ] Made by www.earth.li/~noodles/ [ ] HuggieTag 0.0.23
Checking PGP signature for DSA from M Muehlenhoff
Hello,

I was wondering why PGP signatures for DSA emails sent to debian-security-announce were not checked when they came from Moritz Muehlenhoff while DSA sent by Martin Schulze were checked.

I have found out that the Debian security team keyring (from http://www.debian.org/security/faq) does not contain his key. Is this an oversight or do I miss something else (I don't pretend to understand much about PGP/GPG validation)?

TIA

Fred

PS : please CC me as I am not subscribed to debian-security. Thanks.
Re: pgp in Debian: obsolete?
On Thu, Aug 12, 2004 at 11:20:28PM +0200, Florian Weimer wrote:
> > Quoting Florian Weimer ([EMAIL PROTECTED]):
> > Just out of curiosity, are there now, or have there been in the past, any _other_ implementations of the OpenPGP spec, besides GnuPG?
>
> GnuPG is not a complete implementation of OpenPGP, either. Other partial implementations are contained in some PGP products, some NAI products, CryptoEx by Glück Kanja, and so on.

There is HushMail, too.

--
Lionel
Re: PGP vs GPG
On Fri, 2004-08-27 at 14:48, Dale Amon wrote:
> gpg --import gary.pub
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
>
> cat gary.pub
> -BEGIN PGP SIGNATURE-
[snip]

Are you sure you're really importing a public key here ?

Cheers
Tycho
Re: pgp in Debian: obsolete?
On Tue, Aug 10, 2004 at 02:51:19PM -0700, Rick Moen wrote:
> Quoting Ian Beckwith ([EMAIL PROTECTED]):
> > Do you have links to documentation of these issues or where to get the pirated versions? How pirated/illegal are they? License permitting, I could maybe take patches from them.
>
> Quoting the licence for pgpi 6.5.8:
>
>   The source code contained herein is not intended to allow the development of source code or software for commercial distribution. No modifications to the source code contained in this book are allowed and any further redistribution of the source code in any modified form is expressly prohibited.

I assumed this would be taken care of by the fact we distribute the .orig.tar.gz. If that's not enough, then I assume we can't distribute it at all, not even in non-free.

Ian.

--
Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/
GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA
Re: pgp in Debian: obsolete?
Hi,

Phillip Hofmeister wrote:
> If you wanted to make a second version of GPG and place it in non-free, that would likely be an acceptable option.

You don't need to make a second version of GPG; the IDEA module can be loaded dynamically.

--
Matthias Urlichs
Re: pgp in Debian: obsolete?
On Thu, 12 Aug 2004 at 03:35:29AM -0400, Matthias Urlichs wrote:
> Hi,
>
> Phillip Hofmeister wrote:
> > If you wanted to make a second version of GPG and place it in non-free, that would likely be an acceptable option.
>
> You don't need to make a second version of GPG; the IDEA module can be loaded dynamically.

Then the module would need to be in non-free.

--
Phillip Hofmeister
Re: pgp in Debian: obsolete?
* Phillip Hofmeister:
> > You don't need to make a second version of GPG; the IDEA module can be loaded dynamically.
>
> Then the module would need to be in non-free.

non-us, I think.
Re: pgp in Debian: obsolete?
On Thu, 12 Aug 2004, Florian Weimer wrote:
> > > You don't need to make a second version of GPG; the IDEA module can be loaded dynamically.
> >
> > Then the module would need to be in non-free.
>
> non-us, I think.

non-free in non-us, actually. And maybe not even there, since the IDEA patent is a problem in europe.

--
One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot
Henrique Holschuh
Re: pgp in Debian: obsolete?
* Ian Beckwith:
> On Sat, Aug 07, 2004 at 09:17:38PM +0200, Florian Weimer wrote:
> > Both PGP 5 and 6.5 have security issues which haven't been fixed upstream (because there isn't any upstream anymore). There are some pirated versions of 6.5.8 that incorporate fixes, but Debian certainly shouldn't encourage distribution of them.
>
> Hmm. Do you have links to documentation of these issues

IIRC, there's a buffer overflow in the UID handling that has never been published. Then there's the Klima-Rosa attack, the lack of an MDC (Modification Detection Code), and one or more user ID handling bugs (see http://www.bluering.nl/pgp/useridbug.txt).

I once worked on an OpenPGP implementation vulnerability matrix, but this topic isn't very interesting anymore. For me at least, there's just GnuPG.
Re: pgp in Debian: obsolete?
* Henrique de Moraes Holschuh: On Thu, 12 Aug 2004, Florian Weimer wrote: You don't need to make a second version of GPG; the IDEA module can be loaded dynamically. Then the module would need to be in non-free. non-us, I think. non-free in non-us, actually. Why non-free? The code is available under a DFSG-free copyright license. And maybe not even there, since the IDEA patent is a problem in Europe. non-US is just a misnomer.
Re: pgp in Debian: obsolete?
On Thu, 12 Aug 2004, Florian Weimer wrote: * Henrique de Moraes Holschuh: On Thu, 12 Aug 2004, Florian Weimer wrote: You don't need to make a second version of GPG; the IDEA module can be loaded dynamically. Then the module would need to be in non-free. non-us, I think. non-free in non-us, actually. Why non-free? The code is available under a DFSG-free copyright license. The one I have here isn't, but if you have one that is entirely DFSG-free, that's much better. The whole issue with IDEA has always been the patents, anyway. The non-DFSG-freeness of the IDEA module (or of certain versions of it, anyway) looks a lot like an attempt of the author to protect himself from patent problems. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh
Re: pgp in Debian: obsolete?
* Henrique de Moraes Holschuh: Why non-free? The code is available under a DFSG-free copyright license. The one I have here isn't, but if you have one that is entirely DFSG-free, that's much better. An older version is available from: http://www.linuxmafia.com/pub/linux/security/gnupg/idea.c
Re: pgp in Debian: obsolete?
Quoting Florian Weimer ([EMAIL PROTECTED]): * Henrique de Moraes Holschuh: Why non-free? The code is available under a DFSG-free copyright license. The one I have here isn't, but if you have one that is entirely DFSG-free, that's much better. An older version is available from: http://linuxmafia.com/pub/linux/security/gnupg/idea.c (Hey, that's my living room. ;- ) Although idea.c copyright holder Werner Koch licenses his copyright under BSD terms, the header details Ascom AG's patent licence terms (free of charge for non-commercial use). As others have said, it's solely the patent that's the problem -- but that patent makes the code non-free in all countries where the patent still has force: I'm pretty sure that's just about everywhere. Patent expires in 2011, by the way. (Possibly a bit later in some places. There were filings in at least the USA, European Patent Office, and Japan, to my knowledge.)
Re: pgp in Debian: obsolete?
Quoting Florian Weimer ([EMAIL PROTECTED]): I once worked on an OpenPGP implementation vulnerability matrix, but this topic isn't very interesting anymore. For me at least, there's just GnuPG. Just out of curiosity, are there now, or have there been in the past, any _other_ implementations of the OpenPGP spec, besides GnuPG? I tried to find some, when I was preparing my lecture on GnuPG[1], and couldn't find any. [1] GnuPG Lecture on http://linuxmafia.com/kb/Security/
Re: pgp in Debian: obsolete?
* Rick Moen: Quoting Florian Weimer ([EMAIL PROTECTED]): I once worked on an OpenPGP implementation vulnerability matrix, but this topic isn't very interesting anymore. For me at least, there's just GnuPG. Just out of curiosity, are there now, or have there been in the past, any _other_ implementations of the OpenPGP spec, besides GnuPG? GnuPG is not a complete implementation of OpenPGP, either. Other partial implementations are contained in some PGP products, some NAI products, CryptoEx by Glück Kanja, and so on.
Re: pgp in Debian: obsolete?
On Tue, 10 Aug 2004 at 05:51:19PM -0400, Rick Moen wrote: Quoting Ian Beckwith ([EMAIL PROTECTED]): Do you have links to documentation of these issues or where to get the pirated versions? How pirated/illegal are they? License permitting, I could maybe take patches from them. Quoting the licence for pgpi 6.5.8: The source code contained herein is not intended to allow the development of source code or software for commercial distribution. No modifications to the source code contained in this book are allowed and any further redistribution of the source code in any modified form is expressly prohibited. Which is a clear violation of the social contract. If you wanted to make a second version of GPG and place it in non-free, that would likely be an acceptable option. -- Phillip Hofmeister
Re: pgp in Debian: obsolete?
On Sat, Aug 07, 2004 at 09:17:38PM +0200, Florian Weimer wrote: Both PGP 5 and 6.5 have security issues which haven't been fixed upstream (because there isn't any upstream anymore). There are some pirated versions of 6.5.8 that incorporate fixes, but Debian certainly shouldn't encourage distribution of them. Hmm. Do you have links to documentation of these issues or where to get the pirated versions? How pirated/illegal are they? License permitting, I could maybe take patches from them. Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Nusrat Fateh Ali Khan Michael Brook - Asian Travels - Sweet Pain
Re: pgp in Debian: obsolete?
Quoting Ian Beckwith ([EMAIL PROTECTED]): Do you have links to documentation of these issues or where to get the pirated versions? How pirated/illegal are they? License permitting, I could maybe take patches from them. Quoting the licence for pgpi 6.5.8: The source code contained herein is not intended to allow the development of source code or software for commercial distribution. No modifications to the source code contained in this book are allowed and any further redistribution of the source code in any modified form is expressly prohibited. -- Cheers, Rick Moen [EMAIL PROTECTED] Founding member of the Hyphenation Society, a grassroots-based, not-for-profit, locally-owned-and-operated, cooperatively-managed, modern-American-English-usage-improvement association.
Re: pgp in Debian: obsolete?
In short, better package the IDEA module for GnuPG... I did some work on this some time ago, based on a previous package. The work is here: http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/ It is sort of a source-based installer. You get the source, when building the package it downloads the source and creates a binary package. The source file idea.c is however not DFSG free because the copyright notice forbids distribution in certain countries (and that is apart from the patent issue). -- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
Re: pgp in Debian: obsolete?
http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/ It is sort of a source-based installer. You get the source, when building the package it downloads the source and creates a binary package. The source file idea.c is however not DFSG free because the copyright notice forbids distribution in certain countries (and that is apart from the patent issue). do we know who the original author of that file was? and what country they wrote the code in? a lot of times, those copyright notices are applied in order to protect the author from possible violations of US export controls. the original author may now be able to relicense the code with a more compatible set of restrictions...
Re: pgp in Debian: obsolete?
* Arthur de Jong: In short, better package the IDEA module for GnuPG... I did some work on this some time ago, based on a previous package. The work is here: http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/ It is sort of a source-based installer. You get the source, when building the package it downloads the source and creates a binary package. The source file idea.c is however not DFSG free because the copyright notice forbids distribution in certain countries (and that is apart from the patent issue). There are versions of idea.c for GnuPG which haven't got such restrictions. (The patent problem is unrelated and still applies, of course.)
Re: pgp in Debian: obsolete?
Thanks to everyone for your comments. On Thu, Aug 05, 2004 at 06:58:58PM +0100, Dale Amon wrote: Keep in mind people may have encrypted files and email archived. The means of accessing archive data should be considered to be at least as immortal as the data itself. Given this and Rick Moen's comments about the IDEA issue, I think it's worth keeping pgp in. I shall attempt to get an updated pgp5i with FTBFS fixes into sarge, and post-sarge I will package 6.5.8 and get the package renamed from pgp5i to pgp. Unfortunately, I'm not yet a DD, so... anyone fancy sponsoring my uploads? Files are at: http://nessie.mcc.ac.uk/~ianb/debian/ Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Primal Scream - Vanishing Point - Kowalski
Re: pgp in Debian: obsolete?
* Ian Beckwith: I shall attempt to get an updated pgp5i with FTBFS fixes into sarge, and post-sarge I will package 6.5.8 and get the package renamed from pgp5i to pgp. Both PGP 5 and 6.5 have security issues which haven't been fixed upstream (because there isn't any upstream anymore). There are some pirated versions of 6.5.8 that incorporate fixes, but Debian certainly shouldn't encourage distribution of them. In short, better package the IDEA module for GnuPG...
Re: pgp in Debian: obsolete? [gpg idea support]
On Thu, 2004-08-05 at 14:13, Rick Moen wrote: Just attempting to fill in missing detail: PGP first used for its symmetric cipher Zimmerman's own amateur effort Bass-o-Matic, which was quickly dropped and replaced with the IDEA algorithm. IDEA is patent encumbered (and will remain that way for some years, yet). GnuPG lacks IDEA support. It was included for a while as an optional module, but has been removed from the tarball. (You can find it and retrofit it, if you search a bit.) That and the lingering IDEA problem (limiting only compatibility with some PGP 2.x users) are all I'm aware of. PGPi, unlike GnuPG, _does_ include IDEA code by default. I wrote something about IDEA and gnupg a while ago. It's a quick blurb for people who wanted to use IDEA but weren't entirely sure how to do it: http://yak.net/fqa/346.html It's nothing special, but if you were wondering how, it's not very difficult. Enjoy. -- Jake Appelbaum [EMAIL PROTECTED]
pgp in Debian: obsolete?
Hello. I am in the process of taking over maintenance of pgp5i, based on the international unix version of PGP version 5, pgp50i-unix-src.tar.gz The previous maintainer suspects that nobody uses the package anymore so it can be removed from debian, as everyone has switched to gpg. Is anyone still using pgp5i in debian? If there is a demand for it, is there any reason I shouldn't upgrade the package to the latest pgp? (6.5.8 I believe, assuming the international pgp restrictions no longer apply). thanks, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Anne Dudley and Jaz Coleman - Hannah
Re: pgp in Debian: obsolete?
On Thu, Aug 05, 2004 at 06:51:22PM +0100, Ian Beckwith wrote: If there is a demand for it, is there any reason I shouldn't upgrade the package to the latest pgp? (6.5.8 I believe, assuming the international pgp restrictions no longer apply). Keep in mind people may have encrypted files and email archived. The means of accessing archive data should be considered to be at least as immortal as the data itself. -- -- Dale Amon [EMAIL PROTECTED] +44-7802-188325 International linux systems consultancy Hardware software system design, security and networking, systems programming and Admin Have Laptop, Will Travel -- --
Re: pgp in Debian: obsolete?
Quoting Dale Amon ([EMAIL PROTECTED]): On Thu, Aug 05, 2004 at 06:51:22PM +0100, Ian Beckwith wrote: If there is a demand for it, is there any reason I shouldn't upgrade the package to the latest pgp? (6.5.8 I believe, assuming the international pgp restrictions no longer apply). Keep in mind people may have encrypted files and email archived. The means of accessing archive data should be considered to be at least as immortal as the data itself. Aren't GnuPG's decryption/verification features a superset of those in PGPi 5.0? That's not a rhetorical question: I've been telling people that for years in a good faith effort at accuracy, and so will appreciate any corrections. (I mean no disrespect to Ståle Schumacher Ytteborg or others who gave us PGPi 5.0, which was extremely useful before GnuPG and the OpenPGP RFCs.) Speaking from slightly rusty recollection of the issues on Ian's original question, 6.5.8 is indeed the latest PGPi version for Unix, and I can't see any reason in the tarball why upgrading the package wouldn't be a good thing (but it'd be nice if NAI decided they liked Changelogs). -- Cheers, Rick Moen [EMAIL PROTECTED] That scruffy beard... those suspenders... that smug expression... You're one of those condescending Unix users! Here's a nickel, kid. Get yourself a real computer. -- Dilbert
Re: pgp in Debian: obsolete?
On Thu, Aug 05, 2004 at 11:40:09AM -0700, Rick Moen wrote: Keep in mind people may have encrypted files and email archived. The means of accessing archive data should be considered to be at least as immortal as the data itself. Aren't GnuPG's decryption/verification features a superset of those in PGPi 5.0? That's not a rhetorical question: I've been telling people that for years in a good faith effort at accuracy, and so will appreciate any corrections. I don't know for sure either. I do seem to remember there was a document explaining how to transition and that there was a new key generation method. I also vaguely remember having some problem with my own package signing keys when the switch was made from PGP to GPG, but that is 4-5 years ago and I cannot for the life of me remember the details. I just have a vague disquiet about it. I'm certain that somewhere I've got files using the old keys, and since I'm in Ireland, Murphy will drop in for tea the day after PGP goes away... -- -- Dale Amon [EMAIL PROTECTED] +44-7802-188325 International linux systems consultancy Hardware software system design, security and networking, systems programming and Admin Have Laptop, Will Travel -- --
Re: pgp in Debian: obsolete?
Quoting Dale Amon ([EMAIL PROTECTED]): I don't know for sure either. I do seem to remember there was a document explaining how to transition and that there was a new key generation method. I also vaguely remember having some problem with my own package signing keys when the switch was made from PGP to GPG, but that is 4-5 years ago and I cannot for the life of me remember the details. I just have a vague disquiet about it. Just attempting to fill in missing detail: PGP first used for its symmetric cipher Zimmerman's own amateur effort Bass-o-Matic, which was quickly dropped and replaced with the IDEA algorithm. IDEA is patent encumbered (and will remain that way for some years, yet). GnuPG lacks IDEA support. It was included for a while as an optional module, but has been removed from the tarball. (You can find it and retrofit it, if you search a bit.) The problems with dodgy RSA support have, as you mentioned, now gone away: One can achieve maximum compatibility with various PGP versions by avoiding mixing RSA and Diffie-Hellman / DSS, as detailed here: http://www.shub-internet.org/pgp_5_tips.html That and the lingering IDEA problem (limiting only compatibility with some PGP 2.x users) are all I'm aware of. PGPi, unlike GnuPG, _does_ include IDEA code by default. -- Cheers, Rick Moen [EMAIL PROTECTED] There are only 10 types of people in this world -- those who understand binary arithmetic and those who don't.
Re: GnuPG can not read some pgp signatures
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is). Greetings - -- vbi [1] http://kmail.kde.org/kmail-pgpmime-howto.html - -- Protect your privacy - encrypt your email: http://fortytwo.ch/gpg/intro -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: get my key from http://fortytwo.ch/gpg/92082481 iKcEARECAGcFAj/7tpJgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjUmbWQ1c3VtPTVkZmY4NjhkMTE4NDMyNzYw NzFiMjVlYjcwMDZkYTNlAAoJEIukMYvlp/fW9IUAnA5gbmjLW2jKye7xLCJOTv4L IAlsAKC+aho9Af526mxbicP5t9nd8zzzUA== =XZ8c -END PGP SIGNATURE-
Re: GnuPG can not read some pgp signatures
On Wed, Jan 07, 2004 at 08:34:42AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: Reason: No appropriate crypto plug-in was found. I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. The fact that he is reporting that kmail specifically doesn't like an attached .asc does not suggest that the problem is with inline signatures. IMHO, inline signatures should not be used ever as they are liable to corruption unless the entire message + signature is encoded in quoted-printable before sending. Matthew
Re: GnuPG can not read some pgp signatures
On Wednesday 07 January 2004 08:34, Adrian 'Dagurashibanipal' von Bidder wrote: Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. Not really. Your message doesn't produce that "No appropriate crypto plug-in was found." message. For your mail, KMail says this: Message was signed with unknown key 0xE5A7F7D6. The validity of the signature cannot be verified. There are some emails which have an attached *.asc file. For these mails, KMail says this: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. Any idea? Daniel There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is). Greetings -- vbi [1] http://kmail.kde.org/kmail-pgpmime-howto.html -- Protect your privacy - encrypt your email: http://fortytwo.ch/gpg/intro -- LeVA
Re: GnuPG can not read some pgp signatures
* LeVA [Wed, 07 Jan 2004 11:59:25 +0100]: On Wednesday 07 January 2004 08:34, Adrian 'Dagurashibanipal' von Bidder wrote: Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. Not really. Your message doesn't produce that "No appropriate crypto plug-in was found." message. For your mail, KMail says this: It is that, *indeed*. But the other way round: inline gpg signed msgs do not cause trouble to KMail, but PGP/MIME ones (like *this* one) do. If I'm correct, you should just have seen: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. Any idea? Yep, the KMail PGP/MIME Howto which Adrian already pointed you to: [1] http://kmail.kde.org/kmail-pgpmime-howto.html -- Adeodato Simó (a.k.a. thibaut) EM: asp16 [ykwim] alu.ua.es | IM: my_dato [jabber.org] | PK: DA6AE621 When all is summed up, a man never speaks of himself without loss; his accusations of himself are always believed; his praises never. -- Michel de Montaigne signature.asc Description: Digital signature
Re: GnuPG can not read some pgp signatures
Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] wrote: There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is).

FWIW, I have this repository in my sources.list:

    # gpgme, pinentry, etc.
    deb http://bulma.net/~daneel/debian/ ./

Zoran
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix ... - PGP key? [solved]
Incoming from ZsoL: Hash: SHA1 On Tuesday 06 January 2004 06.37, s. keeling wrote: Incoming from Matt Zimmerman: Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq Package: mpg321 Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't: [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) 43E25D1E gpg: Can't check signature: public key not found [-- End of PGP output --] maybe you have to import [EMAIL PROTECTED]'s public key.

I've tried. GPA import key fails quietly. So I used w3m to go to the URL he supplied:

    (2) keeling /home/keeling/dox_ gpg --verify matt_zimmerman.txt
    gpg: verify signatures failed: unexpected data
    (2) keeling /home/keeling/dox_ gpg --verify matt_zimmerman.txt
    gpg: verify signatures failed: unexpected data

So, I tried wget:

    (0) keeling /home/keeling/dox_ gpg --verify lookup\?op\=get\&search\=0x440202C3137B1CB4
    gpg: verify signatures failed: unexpected data
    (2) keeling /home/keeling/dox_ gpg --verify lookup\?op\=get\&search\=0x440202C3137B1CB4
    gpg: verify signatures failed: unexpected data

So, I Copied the mail to a file, then:

    (0) keeling /home/keeling/dox_ gpg --verify-files matt_zimmerman.msg
    gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E
    gpg: Can't check signature: public key not found

Then I tried --import:

    (2) keeling /home/keeling/dox_ gpg --import matt_zimmerman.msg
    gpg: no valid OpenPGP data found.
    gpg: Total number processed: 0

Ah! Finally:

    (2) keeling /home/keeling/dox_ gpg --recv-keys 43E25D1E
    gpg: key 43E25D1E: removed multiple subkey binding
    gpg: key 43E25D1E: public key Matt Zimmerman [EMAIL PROTECTED] imported
    gpg: Total number processed: 1
    gpg: imported: 1

Now why was that so difficult?!? Every other time just reading mail from someone grabs their key from the keyserver and checks the signature.

-- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
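Added example (not part of any message in this thread, and not GnuPG or KMail code): in the session above, gpg --verify is pointed at key-server downloads and gpg --import at a saved signed mail, and the KMail posts on this page turn on inline-signed mail versus PGP/MIME mail carrying a signature.asc part. This Python sketch reads the first OpenPGP packet tag inside an armored block and reports which of the two gpg operations fits the data; the function names are hypothetical, and the sample armor and messages are constructed.

```python
import base64
import binascii
import email
import re

ARMOR_RE = re.compile(
    r"-----BEGIN PGP ([A-Z ]+)-----\r?\n(.*?)\r?\n-----END PGP \1-----", re.S)


def first_packet_tag(text):
    """Return (armor label, tag of first OpenPGP packet), or None if no armor."""
    m = ARMOR_RE.search(text)
    if m is None:
        return None
    label = m.group(1)
    lines = [ln.strip() for ln in m.group(2).splitlines()]
    if "" in lines:                      # armor headers end at the first blank line
        lines = lines[lines.index("") + 1:]
    # Drop the optional "=XXXX" CRC-24 line; base64 data never starts with "=".
    data = "".join(ln for ln in lines if ln and not ln.startswith("="))
    try:
        raw = base64.b64decode(data, validate=True)
    except (binascii.Error, ValueError):
        return label, None
    if not raw or not raw[0] & 0x80:     # bit 7 is set on every packet header
        return label, None
    # Bit 6 selects the new header format (tag in bits 5-0) over the old
    # format (tag in bits 5-2).
    tag = raw[0] & 0x3F if raw[0] & 0x40 else (raw[0] >> 2) & 0x0F
    return label, tag


def gpg_action(text):
    """Name the gpg operation that fits the OpenPGP data found in text."""
    found = first_packet_tag(text)
    if found is None or found[1] is None:
        return "nothing usable"
    # Tag 2 = signature packet, tag 6 = public-key packet (RFC 4880, 4.3).
    return {2: "verify", 6: "import"}.get(found[1], "other")


def triage(raw_message):
    """Return (signing style, gpg operation that fits) for one mail message."""
    msg = email.message_from_string(raw_message)
    if (msg.get_content_type() == "multipart/signed"
            and msg.get_param("protocol") == "application/pgp-signature"):
        # PGP/MIME: the signature travels as its own part (signature.asc).
        for part in msg.walk():
            if part.get_content_type() == "application/pgp-signature":
                return "pgp-mime", gpg_action(part.get_payload())
        return "pgp-mime", "nothing usable"
    body = msg.get_payload()
    if isinstance(body, str) and "-----BEGIN PGP SIGNED MESSAGE-----" in body:
        return "inline", gpg_action(body)
    return "unsigned", "nothing usable"


def armor(label, packet):
    """Wrap constructed packet bytes in ASCII armor (no CRC line)."""
    b64 = base64.b64encode(packet).decode()
    return f"-----BEGIN PGP {label}-----\n\n{b64}\n-----END PGP {label}-----\n"


# Constructed samples: the header octets are real, the bodies are zero filler.
SIG_ASC = armor("SIGNATURE", bytes([0x88, 0x04]) + bytes(4))
KEY_ASC = armor("PUBLIC KEY BLOCK", bytes([0x99, 0x00, 0x04]) + bytes(4))
MIME_MSG = (
    'Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="b1"\n'
    "\n--b1\nContent-Type: text/plain\n\nhello\n"
    '--b1\nContent-Type: application/pgp-signature; name="signature.asc"\n\n'
    + SIG_ASC + "--b1--\n")
INLINE_MSG = ("Subject: constructed\n\n-----BEGIN PGP SIGNED MESSAGE-----\n"
              "Hash: SHA1\n\nhello\n" + SIG_ASC)

if __name__ == "__main__":
    for name, sample in [("signature.asc", SIG_ASC), ("keys.txt", KEY_ASC)]:
        print(name, first_packet_tag(sample), "->", gpg_action(sample))
    print(triage(MIME_MSG), triage(INLINE_MSG))
```

A signature.asc part holds a signature packet and no key material, so it is input for verification rather than for key import; the signer's public key has to come from a key file or a keyserver.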
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?
On Mon, Jan 05, 2004 at 10:37:49PM -0700, s. keeling wrote: Incoming from Matt Zimmerman: Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq Package: mpg321 Vulnerability : format string Problem-Type : remote Debian-specific: no CVE Ids: CAN-2003-0969 Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't: [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) --] gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E gpg: Can't check signature: public key not found [-- End of PGP output --]

    wget -O- http://www.debian.org/security/keys.txt | gpg --import

-- - mdz
GnuPG can not read some pgp signatures
Hello! I have installed KMail a few days ago, and with it I've installed the GnuPG program too. But some of the signatures can not be read by gpg. There are some messages which have a signature.asc attached, but KMail writes this in the messages window: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. And when I Save the attached signature, and run cat signature.asc | gpg --import, I get these messages: gpg: no valid OpenPGP data found. gpg: Total number processed: 0 But, sometimes I get messages which also have a signature file attached, and it can be verified by KMail, and the signatures can be imported with gpg. For example these keys: http://www.debian.org/security/keys.txt I can import those keys, and KMail can verify these keys, when I'm getting emails from those guys. What could be the problem with the other signature files? If it helps, I can send you a signature, which is not working. Thanks for the help! Daniel -- LeVA
Re: GnuPG can not read some pgp signatures
LeVA [EMAIL PROTECTED] [2004-01-06 18:22]: Hello! I have installed KMail a few days ago, and with it I've installed the GnuPG program too. But some of the signatures can not be read by gpg. There are some messages which have a signature.asc attached, but KMail writes this in the messages window: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. And when I Save the attached signature, and run cat signature.asc | gpg --import, I get these messages: gpg: no valid OpenPGP data found. gpg: Total number processed: 0 I assume the keys you try to make use of are for PGP 2.x -- thus they require idea. As far as I found on the web, the gpg-idea package somehow vanished. See my question I posted five minutes ago. wbr, Lukas -- Lukas Ruf | Wanna know anything about raw | http://www.lpr.ch | IP? - http://www.rawip.org | eMail Style Guide: http://www.rawip.org/style.html|
Re: GnuPG can not read some pgp signatures
On 6 January 2004 at 18:26, Lukas Ruf wrote: I assume the keys you try to make use of are for PGP 2.x -- thus they require idea. As far as I found on the web, the gpg-idea package somehow vanished. See my question I posted five minutes ago. But there are not any gpg-idea packages anywhere. I mean, isn't there a hp for that idea plugin? On the www.gnupg.org site, there isn't any info about this plugin. Where can I download the sources of this idea plugin? Daniel wbr, Lukas -- Lukas Ruf | Wanna know anything about raw | http://www.lpr.ch | IP? - http://www.rawip.org | eMail Style Guide: http://www.rawip.org/style.html| -- LeVA
Re: GnuPG can not read some pgp signatures
On Tue, Jan 06, 2004 at 19:06:50 +0100, LeVA wrote: But there are not any gpg-idea packages anywhere. IDEA is patent encumbered in much of Europe, including The Netherlands where non-us.debian.org is hosted and apparently Germany where ftp.gnupg.org is hosted (AFAIK). On the www.gnupg.org site, there isn't any info about this plugin. ftp://ftp.gnupg.org/gcrypt/contrib/README.idea leads you to ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz and ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz.sig Comments in the .c file explain how to build/use it. HTH, Ray -- Text processing doesn't matter. Fortran. Larry Wall on common fallacies of language design
Re: GnuPG can not read some pgp signatures
On 6 January 2004 at 19:17, J.H.M. Dassen (Ray) wrote: On Tue, Jan 06, 2004 at 19:06:50 +0100, LeVA wrote: But there are not any gpg-idea packages anywhere. IDEA is patent encumbered in much of Europe, including The Netherlands where non-us.debian.org is hosted and apparently Germany where ftp.gnupg.org is hosted (AFAIK). On the www.gnupg.org site, there isn't any info about this plugin. ftp://ftp.gnupg.org/gcrypt/contrib/README.idea leads you to ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz A quote from that .c file: however we suggest to avoid this algorithm entirely due to interoperability problems. Then it is not about my wrong configuration, or my problem if I can not use those signatures, right? This is the other partner's problem, that he/she uses an algorithm, which is not international? Am I right? Daniel and ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz.sig Comments in the .c file explain how to build/use it. HTH, Ray -- Text processing doesn't matter. Fortran. Larry Wall on common fallacies of language design -- LeVA
Re: GnuPG can not read some pgp signatures
Quoting Lukas Ruf ([EMAIL PROTECTED]): I assume the keys you try to make use of are for PGP 2.x -- thus they require idea. As far as I found on the web, the gpg-idea package somehow vanished. See my question I posted five minutes ago. You probably already realise this, but idea.c is still available at ftp://ftp.gnupg.dk/pub/contrib-dk/ for anyone who really needs it -- though it's been dropped from the upstream tarball. -- Cheers, Rick Moen [EMAIL PROTECTED] * Contributing Editor, Linux Gazette * -*- See the Linux Gazette in its new home: -*- http://linuxgazette.net/
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tuesday 06 January 2004 06.37, s. keeling wrote: Incoming from Matt Zimmerman: Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq Package: mpg321 Vulnerability : format string Problem-Type : remote Debian-specific: no CVE Ids: CAN-2003-0969 Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't: [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) --] gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E gpg: Can't check signature: public key not found [-- End of PGP output --] I'm using mutt, and ESC-P usually works checking traditional PGP signatures, but not with these three (bind, libnids, mpg321). -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - - maybe you have to import [EMAIL PROTECTED]'s public key. ZsoL - -- ICQ#: 66782170 PGP key: http://pks.gpg.cz:11371/pks/lookup?op=getsearch=0x440202C3137B1CB4 I love deadlines. I like the whooshing sound they make as they fly by. - Douglas Adams -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQE/+lHZRAICwxN7HLQRAmk9AKC9NYqT7GOgOw9ClKkwV+2KskLq3QCfTtcX TypB/rTlckTUvsO1U/ZYEus= =G2Rd -END PGP SIGNATURE-
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix ... - PGP key? [solved]
Incoming from ZsoL:
Hash: SHA1
On Tuesday 06 January 2004 06.37, s. keeling wrote:
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq
Package: mpg321

Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't:

    [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) 43E25D1E
    gpg: Can't check signature: public key not found
    [-- End of PGP output --]

maybe you have to import [EMAIL PROTECTED]'s public key.

I've tried. GPA import key fails quietly. So I used w3m to go to the URL he supplied:

    (2) keeling /home/keeling/dox_ gpg --verify matt_zimmerman.txt
    gpg: verify signatures failed: unexpected data
    (2) keeling /home/keeling/dox_ gpg --verify matt_zimmerman.txt
    gpg: verify signatures failed: unexpected data

So, I tried wget:

    (0) keeling /home/keeling/dox_ gpg --verify lookup\?op\=get\search\=0x440202C3137B1CB4
    gpg: verify signatures failed: unexpected data
    (2) keeling /home/keeling/dox_ gpg --verify lookup\?op\=get\search\=0x440202C3137B1CB4
    gpg: verify signatures failed: unexpected data

So, I copied the mail to a file, then:

    (0) keeling /home/keeling/dox_ gpg --verify-files matt_zimmerman.msg
    gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E
    gpg: Can't check signature: public key not found

Then I tried --import:

    (2) keeling /home/keeling/dox_ gpg --import matt_zimmerman.msg
    gpg: no valid OpenPGP data found.
    gpg: Total number processed: 0

Ah! Finally:

    (2) keeling /home/keeling/dox_ gpg --recv-keys 43E25D1E
    gpg: key 43E25D1E: removed multiple subkey binding
    gpg: key 43E25D1E: public key Matt Zimmerman [EMAIL PROTECTED] imported
    gpg: Total number processed: 1
    gpg: imported: 1

Now why was that so difficult?!? Every other time just reading mail from someone grabs their key from the keyserver and checks the signature.
-- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
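A signature carries the signer's key ID, not the key itself, so a signed mail gives `--import` nothing to load while `--recv-keys` with that ID fetches the key. The following is an added example, not part of the original posts: it decodes the armored signature of ZsoL's signed reply from this page (armor dash lines restored) and reads the fields of its version 3 signature packet. The function and table names are this example's own, and other signature versions are reported by packet type only.

```python
import base64

# Signature block of ZsoL's signed reply, copied from this page; the dash runs
# of the armor lines are restored here because the archive collapsed them.
ARMORED_SIG = """\
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQE/+lHZRAICwxN7HLQRAmk9AKC9NYqT7GOgOw9ClKkwV+2KskLq3QCfTtcX
TypB/rTlckTUvsO1U/ZYEus=
=G2Rd
-----END PGP SIGNATURE-----
"""

# Names below are this example's own, not gpg's.
PACKET_TAGS = {2: "signature", 5: "secret key", 6: "public key", 11: "literal data"}
PUBKEY_ALGOS = {1: "RSA", 16: "Elgamal", 17: "DSA"}
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160"}


def dearmor(text):
    """Return (armor label, decoded bytes) for one ASCII-armored block."""
    lines = [line.strip() for line in text.strip().splitlines()]
    head = lines[0]
    if not (head.startswith("-----BEGIN PGP ") and head.endswith("-----")):
        raise ValueError("no OpenPGP armor header line")
    label = head[len("-----BEGIN PGP "):-5]
    payload = []
    for line in lines[lines.index("") + 1:]:    # armor headers end at the blank line
        if line.startswith("=") or line.startswith("-----END"):
            break                               # CRC-24 line or armor tail
        payload.append(line)
    return label, base64.b64decode("".join(payload))


def first_packet(data):
    """Return (tag, body) of the first packet in a binary OpenPGP stream."""
    ctb = data[0]
    if not ctb & 0x80:
        raise ValueError("high bit clear: not an OpenPGP packet")
    if ctb & 0x40:                              # new-format header
        tag, first = ctb & 0x3F, data[1]
        if first < 192:
            start, length = 2, first
        elif first < 224:
            start, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            start, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body lengths are not handled here")
    else:                                       # old-format header
        tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
        if length_type == 3:
            raise ValueError("indeterminate length is not handled here")
        size = (1, 2, 4)[length_type]
        start, length = 1 + size, int.from_bytes(data[1:1 + size], "big")
    return tag, data[start:start + length]


def describe(armored):
    """Summarise what an armored block contains and whether it holds a key."""
    label, data = dearmor(armored)
    tag, body = first_packet(data)
    info = {"armor": label, "packet": PACKET_TAGS.get(tag, "tag %d" % tag),
            "holds_key": tag in (5, 6)}
    if tag == 2 and body[0] == 3:               # version 3 signature: fixed layout
        info.update(sig_type=body[2], created=int.from_bytes(body[3:7], "big"),
                    issuer=body[7:15].hex().upper(),
                    pubkey_algo=PUBKEY_ALGOS.get(body[15], body[15]),
                    hash_algo=HASH_ALGOS.get(body[16], body[16]))
    return info


if __name__ == "__main__":
    print(describe(ARMORED_SIG))
```

The issuer it reports matches the key ID in the key URL under ZsoL's name; the eight-digit form gpg prints is the last eight hex digits of that value.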
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?
On Mon, Jan 05, 2004 at 10:37:49PM -0700, s. keeling wrote:
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq
Package: mpg321
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids: CAN-2003-0969

Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't:

    [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) --]
    gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E
    gpg: Can't check signature: public key not found
    [-- End of PGP output --]

    wget -O- http://www.debian.org/security/keys.txt | gpg --import

--
 - mdz
GnuPG can not read some pgp signatures
Hello! I have installed KMail a few days ago, and with it I've installed the GnuPG program too. But some of the signatures can not be read by gpg. There are some messages, which has a signature.asc attached, but KMail writes this in the messages window: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. And when I Save the attached signature, and run cat signature.asc | gpg --import, I get this messages: gpg: no valid OpenPGP data found. gpg: Total number processed: 0 But, sometimes I get messages, which has also a signature file attached, and it can be verified by KMail, and the signatures can be imported with gpg. For example these keys: http://www.debian.org/security/keys.txt I can import those keys, and KMail can verify these keys, when I'm getting emails from those guys. What could be the problem with the other signature files? If it helps, I can send you a signature, which is not working. Thanks for the help! Daniel -- LeVA
Re: GnuPG can not read some pgp signatures
On 6 January 2004 at 18:26, Lukas Ruf wrote: I assume the keys you try to make use of are for PGP 2.x -- thus they require idea. As far as I found on the web, the gpg-idea package somehow vanished. See my question I posted five minutes ago. But there are not any gpg-idea packages anywhere. I mean, aren't there a hp for that idea plugin? On the www.gnupg.org site, there aren't any info about this plugin. Where can I download the sources of this idea plugin? Daniel wbr, Lukas -- Lukas Ruf | Wanna know anything about raw | http://www.lpr.ch | IP? - http://www.rawip.org | eMail Style Guide: http://www.rawip.org/style.html| -- LeVA
Re: GnuPG can not read some pgp signatures
LeVA [EMAIL PROTECTED] [2004-01-06 18:22]: Hello! I have installed KMail a few days ago, and with it I've installed the GnuPG program too. But some of the signatures can not be read by gpg. There are some messages, which has a signature.asc attached, but KMail writes this in the messages window: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. And when I Save the attached signature, and run cat signature.asc | gpg --import, I get this messages: gpg: no valid OpenPGP data found. gpg: Total number processed: 0 I assume the keys you try to make use of are for PGP 2.x -- thus they require idea. As far as I found on the web, the gpg-idea package somehow vanished. See my question I posted five minutes ago. wbr, Lukas -- Lukas Ruf | Wanna know anything about raw | http://www.lpr.ch | IP? - http://www.rawip.org | eMail Style Guide: http://www.rawip.org/style.html|
Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?
Incoming from Matt Zimmerman: Debian Security Advisory DSA 411-1 [EMAIL PROTECTED] http://www.debian.org/security/ Matt Zimmerman January 5th, 2004 http://www.debian.org/security/faq Package: mpg321 Vulnerability : format string Problem-Type : remote Debian-specific: no CVE Ids: CAN-2003-0969 Were any of you able to verify the PGP signatures on the latest debian-security-announce messages? I can't: [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) --] gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E gpg: Can't check signature: public key not found [-- End of PGP output --] I'm using mutt, and ESC-P usually works checking traditional PGP signatures, but not with these three (bind, libnids, mpg321). -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
Re: Pgp/GPG MiM chosen ciphertext attack
You mean, the social engineering that they were so nice to point out? *sigh* No cure for stupid users. -Anne This one time, Dale Amon wrote: I presume most of you have heard about the paper by Jallad, Katz and Schneier? http://www.counterpane.com/pgp-attack.html -- Anne Carasik, System Administrator gator at cacr dot caltech dot edu Center for Advanced Computing Research
Re: Pgp/GPG MiM chosen ciphertext attack
It would appear this does not affect 1.06 (see footnote on page 5 of paper). Good thing I didn't upgrade! :) On Thu, 15 Aug 2002 at 10:34:28AM -0700, Anne Carasik wrote: You mean, the social engineering that they were so nice to point out? *sigh* No cure for stupid users. -Anne This one time, Dale Amon wrote: I presume most of you have heard about the paper by Jallad, Katz and Schneier? http://www.counterpane.com/pgp-attack.html -- Anne Carasik, System Administrator gator at cacr dot caltech dot edu Center for Advanced Computing Research -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import
Pgp/GPG MiM chosen ciphertext attack
I presume most of you have heard about the paper by Jallad, Katz and Schneier? http://www.counterpane.com/pgp-attack.html
KeyServer was Re: PGP
[-snip-] Speaking of KeyServers is there a .deb for one of 'em around somewhere? greets Uwe -- X-Tec GmbH Institute for Computer and Network Security WWW : http://www.x-tec.de/
Re: PGP
* Daniel Rychlik ([EMAIL PROTECTED]) [020802 13:43]: Hello, I have recently set up PGP on my Debian server at home. I have set up Exim for relay of 3 hosts. I would like to be able to include pgp signature signing for the three hosts. My wife uses Outlook for her email and I was wondering if there was a way to automatically sign her email messages as they leave the mailbox. I've read the documentation Phillip Zimmerman, but it doesn't really have any info on setting up pgp keys for mail clients. Any information would be great! I'm not sure exactly what it is you're trying to do, but I think you should ask yourself what it is you're trying to gain. If you have the signatures added automatically, then I presume you also mean that you are keeping private keys without passphrases. The signature on those messages doesn't really tell me that the message comes from your wife, but rather that it passed through your mail server (if even that). IMO, GPG is something that should be implemented just at the ends of an end-to-end communication path. That is to say that I sign a message when I compose it, before I send it. It doesn't get signed somewhere in the middle. Similarly, I don't ask my tools to automatically decrypt messages I receive; I do that only when I view them. I'm not sure if there are any add-on packages for outlook (there were last time I checked, but they may have since been orphaned), but it sounds to me like your idea of adding it on at the server adds little real security. good times, Vineet -- http://www.doorstop.net/ -- http://www.anti-dmca.org/
Re: PGP
On Fri, Aug 02, 2002 at 03:52:34PM -0500, Daniel Rychlik wrote: -BEGIN PGP SIGNED MESSAGE- Hello, I have recently set up PGP on my Debian server at home. I have set up Exim for relay of 3 hosts. I would like to be able to include pgp signature signing for the three hosts. My wife uses Outlook for her email and I was wondering if there was a way to automatically sign her email messages as they leave the mailbox. I've read the documentation Phillip Zimmerman, but it doesn't really have any info on setting up pgp keys for mail clients. Any information would be great! Sorry when telling you something you already know. There is a tool called kuvert which seems to offer just what you want. Mathias Daniel J. Rychlik http://daniel.rychlik.ws -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPUrwdQ8VKKJfCDjBAQH2tAP9HpxPoEtitgy/Sz7BtBbDnj4244CAVWhE DxXa0jlTJHDC5WnMmJ1da0OANHxTHA0XQeXFOB3S/5tmvvOJr56/An+/gN2lReZS MbkMhgHhTjEP+pbRNLQZN6MQ13H7SaSuEWhww8TaPwuhzdXqZmzKsc4kpjoh5ybM Au9Xidoems4= =DFXM -END PGP SIGNATURE-
PGP
-BEGIN PGP SIGNED MESSAGE- Dear Sirs, In pgp, how do I upload my public key to a key server? I've read the documentation on it and I cannot seem to find a way to do it. Thanks Daniel J. Rychlik -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPU6+Pw8VKKJfCDjBAQGaVgP/XM0mGcQdrBqCBdFhZcp9kv03c3guxRXH 34zVmtbqoSLsK+1sCUCV51nfbzpDzNKZDMEaHZiiLkVbpYdkgbUD5p1ScoXCMoeC syQF7Ld3wX0m6CgOWECTyrWvsB3m8rOxmUiIyDMVOaTAIv9GMWaE1ulyPrhZgE9a TM0TxKlgFQk= =J4EW -END PGP SIGNATURE-
Re: PGP
On Mon, Aug 05, 2002 at 01:06:03PM -0500, Daniel Rychlik wrote: In pgp, how do I upload my public key to a key server? I've read the documentation on it and I cannot seem to find a way to do it. --send-keys [names] Same as --export but sends the keys to a keyserver. Option --keyserver must be used to give the name of this keyserver. Don't send your complete keyring to a keyserver - select only those keys which are new or changed by you. ...wasn't clear enough for you? noah -- ___ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Re: PGP
Noah L. Meyerhans [EMAIL PROTECTED] writes: On Mon, Aug 05, 2002 at 01:06:03PM -0500, Daniel Rychlik wrote: In pgp, how do I upload my public key to a key server? I've read the documentation on it and I cannot seem to find a way to do it. --send-keys [names] Same as --export but sends the keys to a keyserver. Option --keyserver must be used to give the name of this keyserver. Don't send your complete keyring to a keyserver - select only those keys which are new or changed by you. ...wasn't clear enough for you? He's using PGP, look at his signature. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898
Re: PGP
must have missed that one.
Re: PGP
On Mon, Aug 05, 2002 at 01:19:45PM -0500, Daniel Rychlik wrote: must have missed that one. I am sorry for giving an RTFM-style answer. I didn't think anybody was still using PGP. Is there a specific reason you need it instead of gpg? pgp can't upload to keyservers on its own. Take a look at http://www.keyserver.net/en/ for a web interface to adding keys to the keyserver network. noah -- ___ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Re: PGP
On Fri, Aug 02, 2002 at 03:52:34PM -0500, Daniel Rychlik wrote: -BEGIN PGP SIGNED MESSAGE- Hello, I have recently set up PGP on my Debian server at home. I have set up Exim for relay of 3 hosts. I would like to be able to include pgp signature signing for the three hosts. My wife uses Outlook for her email and I was wondering if there was a way to automatically sign her email messages as they leave the mailbox. I've read the documentation Phillip Zimmerman, but it doesn't really have any info on setting up pgp keys for mail clients. Any information would be great! The place to look is the exim manual. I guess the system-wide message filtering would make something like this possible. You should also contact the debian-user mailing list or even find an exim related mailing list. Mathias Daniel J. Rychlik http://daniel.rychlik.ws -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPUrwdQ8VKKJfCDjBAQH2tAP9HpxPoEtitgy/Sz7BtBbDnj4244CAVWhE DxXa0jlTJHDC5WnMmJ1da0OANHxTHA0XQeXFOB3S/5tmvvOJr56/An+/gN2lReZS MbkMhgHhTjEP+pbRNLQZN6MQ13H7SaSuEWhww8TaPwuhzdXqZmzKsc4kpjoh5ybM Au9Xidoems4= =DFXM -END PGP SIGNATURE-