Re: pgp question
On Sat, 11 Sep 1999, Peter Palfrader aka Weasel wrote: I'm a bit puzzled about the validy of keys that pgp (6.5.1) tells me. I don't trust pgp 6.5.1. Martin -- For public PGP-key: finger [EMAIL PROTECTED]
pgp question
I'm a fairly new pgp user and hope that the gurus here can bring some light into my dark. I'm a bit puzzled about the validy of keys that pgp (6.5.1) tells me. Here's what I have: KeyID Trust Validity User ID 0x... marginal complete Dillo [EMAIL PROTECTED] cultimate Peter Palfrader [EMAIL PROTECTED] I signed Dillo's key after we'd exchanged passphrases and since I trust my own signature ultimately Dillo's key is completely valid. I usually trust dillo to do a good job when certifying signatures. Now there's a third user name Konrad which I've never met in person but Dillo knows him. KeyID Trust Validity User ID 0x... untrusted marginal Konrad [EMAIL PROTECTED] c marginal Dillo [EMAIL PROTECTED] complete Konrad [EMAIL PROTECTED] c marginal Dillo [EMAIL PROTECTED] complete Konrad [EMAIL PROTECTED] c marginal Dillo [EMAIL PROTECTED] Now the first two lines look quite good. I marginally trust Dillo who signed Konrad's key so Konrad's key is marginally valid. However what puzzles me is why on earch are the two other user id's on Konrad's key completely valid. Perhaps you can help me? -- Weasel http://www.cosy.sbg.ac.at/~ppalfrad/ PGP encrypted messages prefered. See my site or finger -l ppalfrad --- A friend is someone who knows the song in your heart and can sing it back to you when you have forgotten the words. pgpv4P1rVHbZg.pgp Description: PGP signature
RE: pgp question
On 11-Sep-99 Peter Palfrader aka Weasel wrote: I'm a fairly new pgp user and hope that the gurus here can bring some light into my dark. I'm a bit puzzled about the validy of keys that pgp (6.5.1) tells me. Here's what I have: KeyID Trust Validity User ID 0x... marginal complete Dillo [EMAIL PROTECTED] cultimate Peter Palfrader [EMAIL PROTECTED] I signed Dillo's key after we'd exchanged passphrases and since I trust my own signature ultimately Dillo's key is completely valid. I usually trust dillo to do a good job when certifying signatures. You exchanged passphrases?? I don't think you should do that. Your passphrase is for your own use when you encrypt or sign something. -- Andrew - GnuPG Public KeyID: 0x48109681
Re: pgp question
On Sat, Sep 11, 1999 at 10:08:09PM -, Pollywog wrote: You exchanged passphrases?? I don't think you should do that. Your passphrase is for your own use when you encrypt or sign something. oops, fingerprints :) -- Weasel http://www.cosy.sbg.ac.at/~ppalfrad/ PGP encrypted messages prefered. See my site or finger -l ppalfrad --- A friend is someone who knows the song in your heart and can sing it back to you when you have forgotten the words. pgp2rB2mu7iLT.pgp Description: PGP signature
PGP question
Reply-To: This is just out of curiosity..not meant to be flamebait :-) Those of you who PGP sign your messages, why do you do it? I've looked into getting PGP several times, and I have a PGP- compliant mail-reader, but is there any advantage in signing your messages? -- Stephen Pitts [EMAIL PROTECTED] webmaster - http://www.mschess.org
RE: PGP question
On 23-Feb-99 Stephen Pitts wrote: Reply-To: This is just out of curiosity..not meant to be flamebait :-) Those of you who PGP sign your messages, why do you do it? I've looked into getting PGP several times, and I have a PGP- compliant mail-reader, but is there any advantage in signing your messages? On many lists, people will get annoyed by the sigs, almost as though one had used HTML. That is why I quit doing it :) -- Andrew
RE: PGP question
On Tue, 23 Feb 1999, Pollywog wrote: On 23-Feb-99 Stephen Pitts wrote: Reply-To: This is just out of curiosity..not meant to be flamebait :-) Those of you who PGP sign your messages, why do you do it? I've looked into getting PGP several times, and I have a PGP- compliant mail-reader, but is there any advantage in signing your messages? On many lists, people will get annoyed by the sigs, almost as though one had used HTML. That is why I quit doing it :) I don't really think PGP signatures are that bad. Some people get annoyed when they can't figure out how to read the signature... The reason that PGP signatures are used is so that you can verify that the email REALLY came from the person that signed it. An email is rediculously easy to fake, while a PGP signature is virtually impossible to falsify.
Re: PGP question
Daniel González Gasull [EMAIL PROTECTED] writes: I'm still using PGP 2.6.3in, a modified version PGP 2.6.3i. I'm gonna switch to GNU Privacy Guard. Now I have no time. I think it's the best solution. You can get it from http://www.d.shuttle.de/isil/gnupg . Try the gpg Debian packages from non-us.debian.org instead. Greetings, joachim
PGP question
Hi, I have a question about PGP which I am hoping someone can help me with. I live in Canada and I am wondering what version of PGP I should use. Being a Canadian citizen, I can download the US version or the international version I believe so I am wondering what version, technically speaking, gives the most flexability. I am currently using pgp 2.6.3-us due to the fact that it's opensource but am wondering if I am losing anything by that. Also, since I am running a multiuser system, is it ok to let others have access to PGP who may be outside the US or Canada when logged into my system? Thank in advance, Shane -- Shane Wegner: [EMAIL PROTECTED] Tel: (604) 930-0530 Sysadmin, Continuum Systems: http://www.cm.nu Personal website: http://www.cm.nu/~shane PGP key: http://www.cm.nu/~shane/pgp.shtml
RE: PGP question
I believe you are allowed to use the US version yourself if you live in Canada, but any users who log in from outside the US or Canada will not be allowed to do so. I think that in your case it would be best to use the international version (www.pgpi.com). J.T. Wenting [EMAIL PROTECTED] www.geocities.com/CapeCanaveral/hangar/9203 -Original Message- From: Shane Wegner [mailto:[EMAIL PROTECTED] Sent: Sunday, January 24, 1999 8:45 AM To: debian-user@lists.debian.org Subject: PGP question Hi, I have a question about PGP which I am hoping someone can help me with. I live in Canada and I am wondering what version of PGP I should use. Being a Canadian citizen, I can download the US version or the international version I believe so I am wondering what version, technically speaking, gives the most flexability. I am currently using pgp 2.6.3-us due to the fact that it's opensource but am wondering if I am losing anything by that. Also, since I am running a multiuser system, is it ok to let others have access to PGP who may be outside the US or Canada when logged into my system? Thank in advance, Shane -- Shane Wegner: [EMAIL PROTECTED] Tel: (604) 930-0530 Sysadmin, Continuum Systems: http://www.cm.nu Personal website: http://www.cm.nu/~shane PGP key: http://www.cm.nu/~shane/pgp.shtml -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: PGP question
J.T. Wenting writes: I believe you are allowed to use the US version yourself if you live in Canada, but any users who log in from outside the US or Canada will not be allowed to do so. I think that in your case it would be best to use the international version (www.pgpi.com). You are confounding two unrelated issues. Pgp-i may not be used in the US because it infringes a patent. The patent is only enforceable in the US, so pgp-i may be used outside the US. Pgp-us does not infringe that patent, and so may be used anywhere. Neither pgp-i nor pgp-us may be exported from the US because of US export laws. These laws have nothing to say about usage, though. Users who log in from outside the US can use pgp without violating the export laws. They just can't download a copy. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: PGP question
Hi! J.T. Wenting [EMAIL PROTECTED] wrote: I believe you are allowed to use the US version yourself if you live in Canada, but any users who log in from outside the US or Canada will not be allowed to do so. I think that in your case it would be best to use the international version (www.pgpi.com). From: Shane Wegner [mailto:[EMAIL PROTECTED] I live in Canada and I am wondering what version of PGP I should use. Now you know you can use the international version, let me say that you can choose between: a) PGP 2 i b) PGP 5 i b) GNU Privacy Guard PGP 2 i only works with RSA PGP keys. PGP 5 i works with RSA and also with new DSS/Diffie-Helman keys. But the command line sintax is different. GNU Privacy Guard (GPG or GnuPG) works with DSS/ElGamal keys. But there is a patch to make it works also with RSA and DSS/Diffie-Helman keys. It cannot generate these keys, but can work with them. I'm still using PGP 2.6.3in, a modified version PGP 2.6.3i. I'm gonna switch to GNU Privacy Guard. Now I have no time. I think it's the best solution. You can get it from http://www.d.shuttle.de/isil/gnupg . BTW, if you're looking 4 a good mailer that supports PGP 2, PGP 5 or GnuPG, try Mutt (http://www.mutt.org). C U L8R. -- ___ Daniel González Gasull __|_|__Un sólo muerto es mailto:[EMAIL PROTECTED] (o o) ya demasiado. PGP RSA key 1024/EEA93A69 ( - ) -- Nelson Mandela ( . ) ( . ) (_) Hi! I'm Signature Virus 99! Copy me into your signature and join the fun! pgpbyWf7Copbh.pgp Description: PGP signature
pgp question
How do I sign somebody's key? Here's an example of the problem I'm having; [1:14am] [EMAIL PROTECTED]:~ pgp -ks ahpee Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 1998/07/29 15:14 GMT A secret key is required to make a signature. You specified no user ID to select your secret key, so the default user ID and key will be the most recently added key on your secret keyring. Looking for key for user 'ahpee': Key for user ID: Timothy Ahpee [EMAIL PROTECTED] 1024-bit key, key ID 6C794091, created 1997/03/26 Key fingerprint = CD 51 BA 6D 15 C8 CB 9C DF A1 05 3D 9A 18 F7 DF Key is already signed by user ''. Key signature error. For a usage summary, type: pgp -h For more detailed help, consult the PGP User's Guide. This happens even if I try to sign my own key. Hamish -- Hamish Moffatt, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Latest Debian packages at ftp://ftp.rising.com.au/pub/hamish. PGP#EFA6B9D5 CCs of replies from mailing lists are welcome. http://hamish.home.ml.org -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: pgp question
HM == Hamish Moffatt [EMAIL PROTECTED] writes: HM [1:14am] [EMAIL PROTECTED]:~ pgp -ks ahpee [...] HM Key is already signed by user ''. HM This happens even if I try to sign my own key. pgp signs your own key by default, so they are already signed. I believ you also already signed ahpee's key. Check with pgp -kvv ahpee. Ciao, Martin -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: Debian Pgp question...
| On Tuesday, 13 January 98, at 12:14:19 PM | Smorrill wrote about Debian Pgp question... I have used Pgp for quite awhile with Win95, and thus have already made my secret key id number, etc. I would like to get pgp set up with Linux as I would like to move to using Debian exclusively. Anybody out there familiar with this issue of how I would use my same 1028 bit key (created under Dos, MIT pgp...2.6.2) without having to revoke the existing key a create a new one? Mount the drive that contains your pgp directory in windows. In your home directory, link .pgp to the win95 pgp directory. On my machine, ln -s /dr_c/pgp ~/.pgp 2B OR NOT 2B=FF Adam Heath of Borg-Linux [EMAIL PROTECTED] Join the H.323 effort. Email http://www.debian.org - Get Your Own Linux! [EMAIL PROTECTED] with http://wwp.mirabilis.com/3375265 - Page Me the word subscribe in the body. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Debian Pgp question...
On 13 Jan, Scott Ellis wrote: Copy your secret and public key files to your linux machine And when you do this copy, be really carefull with what you do; it would be very easy to leave around copies of the secret key, thus compromizing the key. As a thumb's rule, re-format all the floppy disks that you have used to move your secret key. Don't trust delete or rm. it is very easy to undelete a file under M$, but even with rm it is possible to get the content of the file using a disk editor. A safe remove is to copy a file over the file to be removed and then remove it. Be paranoic with your secret key! Using pgp is an annoyance needed to get trust, but being annoyed without the advantages is much worse. Fabrizio -- | [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] | Pluto Leader - Debian Developer Happy Debian 1.3.1 User - vi-holic | 6F7267F5 fingerprint 57 16 C4 ED C9 86 40 7B 1A 69 A1 66 EC FB D2 5E more than 35 months are needed to get rid of the millennium. [me] If NT is your answer, means you didn't understand the question.[som1] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Debian Pgp question...
I have used Pgp for quite awhile with Win95, and thus have already made my secret key id number, etc. I would like to get pgp set up with Linux as I would like to move to using Debian exclusively. Anybody out there familiar with this issue of how I would use my same 1028 bit key (created under Dos, MIT pgp...2.6.2) without having to revoke the existing key a create a new one? TIA -- Steve Morrill Reply to [EMAIL PROTECTED] PGP Pub key id: 0xF2459FCD Debian LINUX Where I really want to go today! -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Debian Pgp question...
On Tue, 13 Jan 1998, smorrill wrote: I have used Pgp for quite awhile with Win95, and thus have already made my secret key id number, etc. I would like to get pgp set up with Linux as I would like to move to using Debian exclusively. Anybody out there familiar with this issue of how I would use my same 1028 bit key (created under Dos, MIT pgp...2.6.2) without having to revoke the existing key a create a new one? Get the debian package of pgp from nonus.debian.org if you haven't already. Copy your secret and public key files to your linux machine Backup any existing key files on your linux machine. run pgp -ka on your secret key ring and your public key ring. Enjoy :) -- Scott K. Ellis [EMAIL PROTECTED] http://www.gate.net/~storm/ -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Debian Pgp question...
-BEGIN PGP SIGNED MESSAGE- On Tue, 13 Jan 1998, Scott Ellis wrote: On Tue, 13 Jan 1998, smorrill wrote: I have used Pgp for quite awhile with Win95, and thus have already made my secret key id number, etc. I would like to get pgp set up with Linux as I would like to move to using Debian exclusively. Anybody out there familiar with this issue of how I would use my same 1028 bit key (created under Dos, MIT pgp...2.6.2) without having to revoke the existing key a create a new one? Get the debian package of pgp from nonus.debian.org if you haven't already. Copy your secret and public key files to your linux machine Backup any existing key files on your linux machine. run pgp -ka on your secret key ring and your public key ring. And if you have PGP 5.0 keys (the yellow ones) in your key file under Win95. Remove these first by simple make backup copies of your key files, remove the keys (even when they are only used to sign AFAIK) take these file for Linux, and restore the original key file from you backup copies. Enjoy ;-) Daniel - - - - Daniel Gross [EMAIL PROTECTED] - - - Ingolstadt, Germany [EMAIL PROTECTED] - - - If Win95 is the answer, it must have been a real foolish question ! - - - -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv Comment: Requires PGP version 2.6 or later. iQEVAwUBNLu1sAnLrgqPNGtBAQEBnAf+Mu77I9A9q/1IOg/fA2tdZ7xdpJ9QISO1 88sn2/xXKI1LBGxIbM6W0Zkft0qiBujnjjT2brULj1Va+w6HxWcB+CBZfTQ91dLo VG6Sx3o3czAlvFC/EYS3La3zALAuQb79swpwrCUMZo3/XSecb5CuP2jObMtjAl7Q stFizHEBpbwU5QUkaS763bANoElKXxiLSjjgK7oTQVIuB3llpayRpgvLGpVpXYeU OtKXnuvgQo1GQvxe1fX0zDOkB1SHYazvarpJX3e6d8fHqqMQm4eIByGgZuiJB+pb DDFfqOs8d/fEBuh+FyMVGKmkmVILM0Y0QKr2jRkjGsAk7AfvZ3QTig== =5adi -END PGP SIGNATURE- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Stupid PGP question
Is there a US PGP .deb package anywhere? I will be darned if I can locate it. I am probably staring right at the thing. I seemed to be able to find pointers to the non-us PGP but where is the US version? Thanks. -- George Bonser [EMAIL PROTECTED], [EMAIL PROTECTED] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Stupid PGP question
George Bonser [EMAIL PROTECTED] writes: Is there a US PGP .deb package anywhere? I will be darned if I can locate it. I am probably staring right at the thing. I seemed to be able to find pointers to the non-us PGP but where is the US version? The US version is on the same site, outside the US, so no one has to feed the lawyers over stupid US export laws. See the relevant ftp README file at the top level of any debian mirror site. -- Rob -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Stupid PGP question
That raises the question of how the US version got on the non-US server :) but thanks! George Bonser [EMAIL PROTECTED], [EMAIL PROTECTED] On 21 Dec 1996, Rob Browning wrote: George Bonser [EMAIL PROTECTED] writes: Is there a US PGP .deb package anywhere? I will be darned if I can locate it. I am probably staring right at the thing. I seemed to be able to find pointers to the non-us PGP but where is the US version? The US version is on the same site, outside the US, so no one has to feed the lawyers over stupid US export laws. See the relevant ftp README file at the top level of any debian mirror site. -- Rob -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]