Re: [Enigmail] Extended Support for Enigmail on Thunderbird 68
On 12/13/20 12:57 PM, Patrick Brunschwig wrote: > Given that this is still quite a large user base, I have decided to > continue to support and maintain Enigmail 2.1.x for some more time. I > will support Enigmail for Thunderbird 68 until 2 months after the next > major version of Thunderbird has been released (the current plan is TB > 91 in July 2021). > > What can you expect during the extended support time? > * Bug fixing > * Support with setting up and using Enigmail > * No new features or changed features A solid citizen as always, Patrick. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Future OpenPGP Support in Thunderbird
On 10/8/19 12:41 PM, Robert J. Hansen wrote: >> I have a terrible feeling that as with Firefox, this change in >> Thunderbird is going to carpet-nuke Thunderbird's add-on ecosystem and >> severely reduce its overall utility. WebExtensions has been around >> since 2015 and the Firefox WebExtensions add-on landscape is still a >> blasted plain sparsely dotted with a few stunted trees. It is still >> shocking to me how *few* pages the entire list of Firefox WebExtensions >> takes up. > > I'm wildly in favor of WebExtensions mostly because of how it brings at > least theoretical cross-browser portability to what had previously been > the Wild West. I agree the Firefox ecosystem of WE is pretty desolate > right now, but the Google Chrome one is doing pretty well and the nature > of WE is they can be ported from Chrome (and all its derivatives: Opera, > MS Edge, etc.) to Firefox and back again without much headache. For clarity: I understand the technical arguments behind WebExtensions, and they are generally sound. Nevertheless, the change was a body-blow to Firefox's add-on ecosystem from which it so far shows little signs of recovering. A huge number of add-on developers just threw up their hands and quit. > I completely understand the fear that WebExtensions will be a wasteland. > But let's be careful about praising the old system, because really, it > didn't deserve much in the way of praise. I'm not really praising the mechanism itself. Just lamenting the loss of the huge, rich ecosystem that grew on it, and which shows little sign of regrowing. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Future OpenPGP Support in Thunderbird
On 10/8/19 10:57 AM, Mark Rousell wrote: > On 08/10/2019 08:08, Patrick Brunschwig wrote: >> The Thunderbird developers have announced that they will implement >> OpenPGP support in Thunderbird 78 [1]. Support for Thunderbird in >> Enigmail will therefore be discontinued. > > Wow. > > Patrick, first of all I'd like to thank you for all the effort you have > put into Enigmail (and will continue to put into it). Without your > brilliant work it is clear that Thunderbird would not have been as > successful as it has been. Second^W er, thirded. > I am certain that I would not have been a longtime user of Thunderbird > if it had not been for the old addon ecosystem, especially Enigmail. I second this. I don't use a *lot* of add-ons in Thunderbird, but the few that I do use add or *fix* important functionality. (Like the "Seriously, what were you thinking?" Thunderbird design decision to display your own address in incoming mail as "Me". Because NOBODY IN THE ENTIRE WORLD uses more than one email address or cares which address incoming mail was sent to ... right?) I have a terrible feeling that as with Firefox, this change in Thunderbird is going to carpet-nuke Thunderbird's add-on ecosystem and severely reduce its overall utility. WebExtensions has been around since 2015 and the Firefox WebExtensions add-on landscape is still a blasted plain sparsely dotted with a few stunted trees. It is still shocking to me how *few* pages the entire list of Firefox WebExtensions takes up. Sometimes I really wonder whether the Mozilla Foundation is actively trying to make its users abandon everything it produces. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] impact on (TB) performance
On 2/20/19 7:49 AM, Daniel Pecka wrote: > fair .. thanks for input .. it's all fine, I don't have any real problem > .. thanks for enigmail (and please don't be lazy, it could do much more > things like defragmenting drive, reading my emails with text-to-voice > system, check certain folders and intelligently reply on oncoming > messages, it also could contain some relaxing logic minigame and > generally, it could have much more features that we're missing now !!!) .. Logic minigames...? Text-to-voice? Autoreplying to emails? Drive defragmentation? NONE of these things are Enigmail's job. And if I wanted minigames, I could set up a Facebook account. (Or, you know, just publish all of my confidential data to the Web directly and cut out the middleman.) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] Dirmngr misbehavior
It appears dirmngr is some kind of certificate revocation manager component of GnuPG. Is anyone else experiencing GnuPG leaving multiple copies of dirmngr lying around? Right now I have *24* dirmngr processes running. I clean them out periodically, because it seems they never get cleaned up on their own. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] [ANN] Enigmail 2.0.5 available - full protection against Efail
On 05/21/18 16:36, David wrote: > On 5/21/2018 3:35 PM, Patrick Brunschwig wrote: >> On 21.05.18 21:19, David wrote: >>> Is Thunderbird going to continue to follow Mozilla Firefox's lead >>> and eventually drop support for "bootstrap" extensions? If so may >>> I ask what you have planed for the future? > >> That's not upon Thunderbird to decide - such changes are driven by >> Firefox. But the Firefox developers have promised to keep a way >> for Thunderbird to have something that works the same way as >> bootstrapped addons do today. > > Thank you for the information. It is good to hear. I think I'm confused. I thought that the Mozilla Foundation had cast Thunderbird loose to find its own way, in order to focus on Firefox? Or are the development teams still working closely together? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] A postmortem on Efail
On 05/21/18 09:57, Andrew Gallagher wrote: > On 21/05/18 14:35, Phil Stracchino wrote: >> What MySQL (from mid-5.7 on) does for tablespace encryption might be of >> note here. MySQL uses a fixed table key for each encrypted InnoDB >> table, but encrypts the table keys with a master key which is >> periodically rotated. This allows regular rotation of the master >> encryption key that protects all of the table keys, without having to >> decrypt and re-encrypt possibly terabytes of table data. > > The equivalent in PGP is to replace the asymmetric encryption layer but > keep the same symmetric session key. But this assumes that the symmetric > encryption remains sound. In the efail scenaroio at least, we also > probably want to replace the symmetric algorithm (3DES, CAST5). However, that would probably be a one-time operation, not a mopnthly rotation. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] A postmortem on Efail
On 05/21/18 08:34, Ben McGinnes wrote: > To say, “we have this edge case scenario that really needs an active > targeted attack on a case by case basis, so everyone should just stop > integrating encryption” is the kind of thing that can get people > killed. Indeed. "There is a possible attack against this encryption, so stop encrypting your mail" is poor advice. "There is a possible attack against this encryption, be vigilant, turn off HTML mail rendering to help mitigate the attack until fixed" would have been much better advice. > So in my opinion it's not the merits or lack thereof in the > demonstrated attacks they released that have the gravest consequence > here, it's that the number one recommended mitigation technique is to > remove cryptographic functions from MUAs. Even though they still said > to basically perform those functions manually and independently, which > does imply not opposing using cryptography itself. It's still a > recommendation which is sure to create far more dangerous outcomes for > end users. Agreed. The probable outcome of the majority of at-risk individuals trying to securely encrypt their mail manually to avoid this vulnerability would be to decrease, not increase, their safety and security. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] A postmortem on Efail
On 05/20/18 16:28, Phil Pennock wrote: > 4. Get together actual MUA maintainers who are users of the GnuPG >code-base in a mailing-list and hammer out details of "what should be >done about old mail". Cryptographers have long said to decrypt >inbound mail and re-encrypt it to a storage key, which can >periodically be rotated, but AFAIK mail-clients don't have sane ways >to do this. What MySQL (from mid-5.7 on) does for tablespace encryption might be of note here. MySQL uses a fixed table key for each encrypted InnoDB table, but encrypts the table keys with a master key which is periodically rotated. This allows regular rotation of the master encryption key that protects all of the table keys, without having to decrypt and re-encrypt possibly terabytes of table data. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] A postmortem on Efail
On 05/20/18 05:22, Andrew Gallagher wrote: > > I said earlier that deprecation has to happen, but I’ll reiterate here. If > doing the things that we know need to be done requires breaking backwards > compatibility, then so be it. There is no value in preserving backwards compatibility when the backwards that one is maintaining compatibility with is broken in the first place. We *know* 2.6 is insecure. What on earth is the point of maintaining support for a *known insecure* version of a security tool? It's not the Emperor's new suit, it's his beloved threadbare once-fuzzy bathrobe with his hairy ass hanging out the back. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Enigmail 2.0.4 available - better protection against Efail
On 05/16/18 17:55, Jean-David Beyer wrote: > I installed this into my 52.7.0 (64-bit) Thunderbird and sent a signed > encrypted e-mail to myself. I received this and got, among other things, > this pop-up" > > GnuPG cannot query your passphrase via pinentry. This is a system setup > or configuration error that prevents Enigmail from working properly and > cannot be fixed automatically. We strongly recommend that you consult > our support web site at https://enigmail.net/faq. > > > Problem 1: when I go to https://enigmail.net/faq > I get > > Error 404 - Page not Found > We are sorry. The page you were looking for cannot be found. The link resolves and works for me. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Fwd: PGP key expires in 3 days: 0x8EE66C320E62EFA8 (it can be extended)
On 02/06/18 16:44, David wrote: > BTW I am told that talking to yourself is only bad it you answer. No, the real problem is when you *argue*. :) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Thunderbird 52.4 (56) released.
On 10/18/17 13:11, Wayne Mery wrote: > On 10/18/2017 9:46 AM, Phil Stracchino wrote: >> On 10/18/17 08:50, David Boles wrote: >>> The current release of Enigmail (1.9.8.3) and the alpha version Enigmail >>> Nightly do not work with it. >> >> As a footnote, this release of Thunderbird contains a fix for a bug >> first filed 14 years ago... >> > Be thankful there are people fixing them. Oh, absolutely. I'm glad I was able to help nail it down. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Thunderbird 52.4 (56) released.
On 10/18/17 08:50, David Boles wrote: > The current release of Enigmail (1.9.8.3) and the alpha version Enigmail > Nightly do not work with it. As a footnote, this release of Thunderbird contains a fix for a bug first filed 14 years ago... -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Passphrase ?
On 09/10/17 23:23, Wayne Powell wrote: > OK, so I had a senior moment and have forgotten my passphrase. Is there > ANY way to work around this or change my passphrase ? I really feel > unnecessary at the moment. Thanks in advance for any help or guidance. > > Regards, Wayne The whole point of a strong passphrase is that other people cannot easily crack it. This means that you can't either, because if you can easily recover or crack it, then so can they. ALWAYS assume that an attacker has more resources to devote to cracking your security than you do. If you cannot remember or recover your passphrase, you need to publish your revocation certificate (you DID create one, right?) and create and publish a new key. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Is the latest Enigmail good on Thunderbird 45.8.0?
On 05/04/17 15:57, Enigmail User wrote: > On 5/4/2017 03:21, Patrick Brunschwig wrote: >> On 04.05.17 01:13, Enigmail User wrote: >>> I'm currently running Enigmail version 1.9.6.1 (20161116-1713) on >>> Thunderbird 38.5.0 on a machine running Windows Vista. >>> >>> I'm just checking to make sure that if I upgrade to Thunderbird 45.8.0 >>> that the latest Enigmail will still work on it. >> >> Yes that's the version to use. > > Okay, thanks. It's working fine for me up to 52.1.0. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] "Unverified signature; the key type is not supported by your version of GnuPG"
On 01/04/17 10:46, Marco A.G.Pinto wrote: > Hello! > > The warning in the subject appears when I open the e-mails from Werner > Koch in the GnuPG mailing list. > > What does it mean? > > Thanks! Um ... it means what it says. Your installed version of GnuPG doesn't know how to handle Werner's key, most likely because your GnuPG is too old. Try updating to a more current version of GnuPG. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Smartcard setup
On 10/27/16 20:50, Phil Stracchino wrote: > That told me that gpg2 wants to get card status from scdaemon. I > apparently don't have an scdaemon, because gnupg was compiled without > USE=smartcard. > > That should be straightforward to fix. And indeed, after adding USE=smartcard to the three packages for which it exists and doing an emerge world, suddenly Everything Works. Now I need to set up the card... -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Smartcard setup
On 10/27/16 17:08, Robert J. Hansen wrote: >> Can anyone tell me what I'm missing or doing wrong? > > On OS X, every now and again gpg-agent gets totally wedged with respect to > smart cards. When that happens I have to kill gpg-agent and start a new > instance. > > I'd try debugging this at the command line first. With the card removed, > > $ killall gpg-agent Doh! Did not think to kill/restart gpg-agent. > Insert the card, then: > > $ gpg2 --card-status That told me that gpg2 wants to get card status from scdaemon. I apparently don't have an scdaemon, because gnupg was compiled without USE=smartcard. That should be straightforward to fix. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] Smartcard setup
So, a while back I was given a v2.1 GnuPG smartcard and a reader by a most excellent gent on this list. And I finally managed to find the mental bandwidth to try to set it up for Enigmail (on Gentoo Linux). USB sees the reader. Check. app-crypt/ccid installed. Check. sys-apps/pcsc-lite and sys-apps/pcsc-tools installed. Check. pcsc-lite USE flag added to world. World rebuilt. Check. (Only net-misc/rdesktop was updated. Apparently only rdesktop actually has that USE flag. 'equery hasuse pcsc-lite' confirms that.) Start pcscd in foreground. Insert card in reader. pcscd sees the card. Start pcscd service. Check. Run pcsc-scan. pcsc-scan sees the card: Reader 0: SCM Microsystems Inc. SCR 3310 [CCID Interface] 00 00 Card state: Card inserted, ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C ... Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C GnuPG card V2 That looks correct. The card and reader are clearly working. Remove card. Restart Thunderbird just to be sure. Re-insert smartcard in reader. Go to Enigmail/Manage Smartcard. Management dialog appears. Enigmail seems unable to see or read the card; all fields are blank. Can anyone tell me what I'm missing or doing wrong? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] REPLACE the eye-challenging gray text on website
On 09/07/16 01:43, Olav Seyfarth wrote: > Hi Jim, > > RJH wrote: >> What I see is a dark gray, pretty much a charcoal hue. > > I see a very dark gray, too, on Firefox/Linux for the two pages you > screenshotted. > However, the FAQ page summaries are in a light gray until "opened". I concur; dark charcoal gray on both examples. I think this is an interaction between your browser and your display theme. Might I ask what browser and OS you are using? This is a particular problem on Windows 10, which may decide on the basis of the colors in your desktop "theme" that text in web pages should be extremely light, assuming that it will be on a dark background and failing to observe that the page background is actually light. I had to install an add-on into one of my browsers on my Windows 10 machine specifically to overcome this problem. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] REPLACE the eye-challenging gray text on website
On 09/06/16 15:34, Ludwig Hügelschäfer wrote: > Hi, > > On 06.09.16 18:08, Doug Barton wrote: >> On 09/04/2016 06:24 PM, Jim Wyman wrote: >>> Please STOP using gray text on the white background on your website. >>> (...) >> >> While I certainly agree with your sentiments, I'm not seeing grey text >> on the enigmail web site. Can you give some example URLs? > > The only page which I can think of in this context is the FAQ > http://enigmail.net/index.php/en/faq?view=category&id=11 where we have > grey on white text. That *is* pretty unreadable. When it comes to web readability, good contrast is essential, especially when the text is small. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] algorithm
On 07/10/16 03:18, Rob Landau wrote: > Ok, then do the keys GnuPG generates for Enigmail come from elliptic > curves, from integer factorization, or from discreet logarithms? Once > the size of the prime is chosen (1024 bits, say) does GnuPG always use > the same one? Your question is a little like picking up an adjustable wrench and asking, "What size nut does this fit?" It depends on what you adjust the wrench to. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] OpenPGP.conf on September 8 and 9.
On 05/19/16 05:12, Robert J. Hansen wrote: >> what does this mean??? > > "Shalom" is a Latinization of the Hebrew word for peace. "Salaam" is a > Latinization of the Arabic word for peace. > >> what has religion to do with encryption? > > It's not religious, and even if it were, it would still be okay. If we > have any Jesuits on the list who wish to use "AMDG" as a signature, > Christian clergy who wish to append a "+" to their name in a signature, > observant Jews who wish to append a "✡" to theirs, what-have-you, it's > okay. Go ahead. Pie Iesu domine . *THWACK* Dona eus requiem . *THWACK* -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] OpenPGP.conf on September 8 and 9.
On 05/19/16 10:12, Phil Stracchino wrote: > Pie Iesu domine . *THWACK* > Dona eus requiem . *THWACK* Well *that* was really weird. When I sent that reply, Enigmail asked for my passphrase, I typed in the passphrase, successfully sent the message ... and then Thunderbird stopped responding to the Del key. I could do everything BUT delete messages. Couldn't clear it except by restarting Thunderbird. Anyone else ever seen anything like that happen? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] UI Proposal
On 03/24/16 21:35, Robert J. Hansen wrote: >> cleartext message. "Red alert" is the wrong model UNLESS it is an error >> or threat for a particular user to EVER receive an unsigned cleartext >> message, and that is a tiny, tiny fraction of the Enigmail userbase. > > If we get a bad signature, I want a clear warning to be sent up. Bad > signatures are "your engine might be on fire" problems: maybe nothing, > but you should look into it. Hence the broken-seal icon and the Guy > Fawkes mask. I 100% agree. A failed signature should raise an alert. But if we raise an alert every time the user receives an unsigned cleartext message, we'll just condition users to ignore alerts. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] UI Proposal
On 03/24/16 12:24, Patrick Brunschwig wrote: > On 23.03.16 09:56, Robert J. Hansen wrote: >> I propose replacing our current Enigmail bar in the Message View with an >> "Enigmal Privacy Readout". Forget messages about "UNTRUSTED Good >> Signature from..." etc. We reduce it down to three icons, representing >> the status of the message privacy, the message accountability, and the >> message integrity. > > Sorry for answering so slowly. I like the idea very much, but I think > we could even go a step further, at least for non-advanced users: a > simple symbol with just 3 colors: > > * green - nothing to worry about, the mail was transmitted safely (i.e. > encrypted and signed, verification was OK). > * yellow - encrypted, but not verified > * red- not encrypted > > Clicking on the icon would give you more details, similarly to what you > explained. I don't think that's actually a good model. It simplifies the model so much that it distorts it, and adds lots of false-positive red signals (which will be interpreted by most people as "OMG SOMETHING IS WRONG" for messages which have nothing wrong with them except that they were sent unencrypted. This falls perfectly into the too-many-alarms model that Robert cited a couple of days ago. For most users, it will cry "Wolf!" on nearly every message they receive. Much better that the message show as privacy greyed (not private), integrity greyed (not verified), without showing a red-alert on every cleartext message. "Red alert" is the wrong model UNLESS it is an error or threat for a particular user to EVER receive an unsigned cleartext message, and that is a tiny, tiny fraction of the Enigmail userbase. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Feature request
On 03/23/16 07:13, Jérémy Bobbio wrote: > Refreshing a full keyring has the downside that it exposes the entire > keyring at once to the keyserver. I know GnuPG doesn't try very hard to > hide metadata, but this one expose the social graph in a quite > identifying manner as it's unlikely that two users will have the same > keys in their keyring. > > These are the concerns that lead to the design of Parcimonie: > https://sources.debian.net/src/parcimonie/0.9-3/design.mdwn/ > > Could Enigmail reuses some of these ideas? Or warn users that it might > be a problem? Or at the very least this could be disabled when TorBirdy > is installed. With no disrespect intended, does anyone here actually believe that a hostile agency which has the ability to snoop your http traffic, and is actively monitoring either you or the keyserver network in general, is not going to be able to correlate Parcimonie's staggered/scattered update requests back to you? Consider in your reply that it is already known that the Tor network has been, according to relevant three-letter agencies, fully penetrated. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Feature request
On 03/23/16 05:10, Robert J. Hansen wrote: > It would be nice if Enigmail could keep track of the last time the > keyring was refreshed -- or, more accurately, the last time Enigmail > refreshed the keyring. Then, every 30 days, Enigmail could prompt the > user for: > > "It's been a month since your keyring has been updated. >Would you like to update it now?" > > With options of 'Yes', 'Ask Me Later', and 'Stop Asking'. If the user > clicks 'Yes', it runs gpg2 --refresh. > > This would potentially help out *a lot* with the problem of people > continuing to use expired, revoked, or otherwise discarded certificates. A simple nudge to perform the most basic key management. I like it. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] separation from Mozilla
On 12/02/15 13:59, Matthew Woehlke wrote: > E-mail lists (or NNTP, darn it! ❤😻gmane😻❤) are less obnoxious than > every software program using their own individual web-based forums > (never mind that web-based forums - and web-based e-mail, for that > matter - are just generally more annoying), and I really don't see > businesses switching to social networks for internal communication. Can't argue with the webforum part. Webfora are an atrocious medium for communication. Social media, however ... it depends what you classify under the "social media" umbrella. My current employer has switched from IRC and Jabber to Slack for near-realtime internal communication, plus the front office deployed some kind of internal facebooky thing some months back that as far as I can tell only the front-office suits actually use. As far as the rest of us are concerned, it does nothing useful. Fifteen years ago, Cygnus Solutions used ICB (a sort of IRC Lite with standalone servers) for much of its internal communication. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] separation from Mozilla
On 12/02/15 14:51, Stephen wrote: > If anything, it is the market for stand-alone mail clients that is > diminishing. Webmail is accessible from any computer with a reasonably > modern web-browser. This is probably how a large majority now use > e-mail. Most people cannot be bothered with the effort needed to > configure a mail user agent. You make a good point. Except that it should be "any computer or mobile device with a reasonably modern web browser". And always with the caveat that it means entrusting the storage and security of your email communications to someone else who may not necessarily have an interest in keeping it as secure as you would like. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] separation from Mozilla
On 12/02/15 11:30, Patrick Brunschwig wrote: > On 02.12.15 12:47, Mike Acker wrote: >> the news I'm reading LWN <http://lwn.net/Articles/666295/> suggests >> that Thunderbird's separation from Linux -- is is done deal > > You mean Mozilla - not Linux. > >> hopefully Thunderbird will just become its own project >> thoughts,-anyone? > > Some people would agree and others would disagree. > > I know that there are ongoing discussions between involved and > interested parties about how this transition could or should look > like. I'm sure, once the dust has cleared, the public will be informed > about concrete next steps. I have to admit I find a great deal of sense made in the first comment on that LWN thread. Honestly, I think the idea of a Firefox phone OS was a nonsensical idea in the first place -- a "jump on the bandwagon" move that does not further any of the Mozilla Foundation's historical core projects in any way that I can see, and diverts resources for no readily discernable long-term gain. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] XUL and Enigmail
On 11/12/15 17:12, Robert J. Hansen wrote: > There are good reasons we haven't gone that route so far. Perhaps you > might want to ask, "So why aren't we using GPGME?" before opining about > how we should be using GPGME? :) "So why aren't we using GPGME?" :) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/30/15 16:41, Robert J. Hansen wrote: >> I disagree with this general line of reasoning. It's certainly possible >> to get someone to use an encryption tool without convincing them that >> they want encryption. > > I'm going to back Phil up on this one, because I think he's talking > about a specific case rather than the general case. An assumption in which you would be correct. Yes, you can get people who have no interest in encryption and authentication and don't see why they should be of importance to them, to use them ... if they are a transparent integral part of the infrastructure that's active by default and Just Works behind the scenes, without them having to do anything to make it happen. But if they have to use a specific add-on to a specific mail client, and install supporting software, and generate and publish keys, to do something optional and extra that they don't see any good reason why they should do in the first place Nope. Not happening. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/23/15 17:04, Robert J. Hansen wrote: > It's because, 99.9% of the time, a bad signature doesn't mean a hostile > adversary -- it means a noisy network. It means an MTA may have mangled > a PGP/MIME attachment, it means a cosmic ray flipped a bit, whatever. The former of which is enormously more likely than the latter... :) (Since a cosmic bit-flip is likely to affect only a single message, while a misconfigured MTA will most likely mangle every susceptible message that passes through it.) > I need to think about this some. I think you're right, but not for the > reasons you set out. I think the functional difference comes from what > a bad signature can tell us about the traffic channel itself -- not what > it tells us about the traffic. I wasn't thinking about "what it tells us about the traffic" so much as "even a failed signature conveys information about the sender's intent". Whatever the reason for the failure. But your point about it telling us about failures in the traffic channel is well made. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/23/15 02:23, Daniel Kahn Gillmor wrote: > On Sun 2015-09-20 11:13:36 -0700, Phil Stracchino > wrote: >> A failed or invalid signature is *cryptographically* equivalent to no >> signature; but it is not *functionally* equivalent. Because a failed >> or invalid signature means that the sender *tried* to authenticate the >> message, implying that it may have been important to do so. > > But it doesn't mean this either. a failed or invalid signature could > also mean that someone else (an attacker) tried to convince you that the > supposed sender did something, even though you have no idea what it is. I see your point, ... > I'm with Robert here on the idea that we should not strive to provide a > strong visual distinction between "bad signature" and "no signature" -- > they offer the same level of cryptographic assurance. If we provide > scary UI that says "signature failed, consider checking with the sender" > and nothing scary when there is no signature at all, then an attacker > who tampers with the message can just strip all indications of a > signature before sending it on to avoid triggering the scary UI. ...but still maintain that there is a functional difference between no signature (nothing to see here; move along) and failed or faked signature. Either of the latter may need to be investigated. The former need not be, unless you were *expecting* a signature and didn't get it. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/21/15 13:20, Matthew Woehlke wrote: > On 2015-09-20 12:58, Phil Stracchino wrote: >> A Privacy red-flag is a little harder to quantify. About the only case >> I can think of is if a message is encrypted, but with a key that has >> been revoked or does not match the claimed sender. But this should >> probably be considered an Authenticity failure. > > No, actually you were right the first time. Authentication is based on > the integrity of the SENDER'S private key. Encryption is based on the > integrity of the RECEIVER'S private key(s). Doh! You're correct of course. > I could certainly imagine this happening if someone sends you a message > encrypted using an old public key of yours that you happen to know is > compromised, because the sender is not aware that it is compromised / > revoked. Yup. That would be a valid case. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/20/15 14:05, Anne Wilson wrote: > It's a sad fact that a huge proportion of computer users are woefully > ignorant of security - we'd not be plagued by so many viruses, > trojans, keystroke-recorders and the like if this were not so. Very true. I have encountered problems of this type frequently in a professional capacity. (And also its counterpart, users who throw up all kinds of obfuscation and security-through-obscurity measures that accomplish nothing except to make them *think* that they must now be secure, while making it difficult to maintain their infrastructure and therefore often actually making them *less* secure because security patching doesn't get done.) > Don't > be put off, either, by the grandma and grandpa image - just for the > record, I'm 75 and a great-grandma. That's by the way, though. I was > once asked to do a "using the internet safely" talk to a group of > women, almost all retired or soon to be retired people from > responsible jobs who had used computers in their work for years. It > was a shock to all of us, me as the leader of the group, and them as > the listeners. They were stunned by the number of things I pointed > out to them (with screenshots showing where to look) of which they had > been completely unaware. More power to you! My hat is off to you. :) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/20/15 14:01, Robert J. Hansen wrote: > The arguments in favor of trinary: > > * Many users are going to want three states even though, IMO, the third > state is useless. > > A bad signature on an email message, contrary to popular belief in the > community, doesn't mean the message was tampered with. 99% of the time > it's evidence the *signature* was tampered with. PGP/MIME is infamous > here: MUAs play hob with attachments and repackage the signature up in > weird ways. So a bad signature, by itself, doesn't tell you anything > about whether the message has been changed. All that a bad signature > tells you is the sender thought the message was important enough to add > an authenticity/identity measure, but authenticity/identity cannot be > assured. And if we're saying "authenticity/identity cannot be assured", > then really, that's no different from no signature at all -- so it > should use the same black text as no signature at all. Actually, I dispute this. There is an important functional, not just human, distinction between 'Sender made no attempt to provide authentication on this message' and 'Sender attempted to provide authentication on this message, *but something went wrong*'. In the latter case, if it is an important communication, you may wish to contact the sender by other means to verify authenticity. In the former case, there is no reason to do so. It could be crucial to know which case is in effect, but we can't expect users to look at the authenticity details on every message to find out whether there was *no* signature or a *failed* (for whatever reason) signature. So we need the interface to let them distinguish at a glance between no signature and failed signature. It is then up to the user to decide whether or not they need to investigate a failed signature further. > So... yeah. My inner crypto nerd says the binary choice is a more > accurate representation of reality. My inner UX geek says the trinary > choice is what users will want and feel more comfortable with. The nerd > and the geek are fighting for control of my soul. :) In this case, I think the crypto nerd has overlooked an important aspect. :) A failed or invalid signature is *cryptographically* equivalent to no signature; but it is not *functionally* equivalent. Because a failed or invalid signature means that the sender *tried* to authenticate the message, implying that it may have been important to do so. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/20/15 08:38, Mike Acker wrote: > if you want a third light it could be for the trust level established > for the senders key: > > > > not signature: pgp wasn't used > unknown: message is signed but we have no information about the signer > untrusted: messages is signed by a person we recognize but we are not > sure if her or she is trustworthy > marginal: marginal trust -- ( I don't like this one ) > trusted: full trust -- we are willing to accept authentication and > trust level information from this source > ultimate: show for messages signed by local user usually in the SENT box This IMO should be in the additional details available by clicking on the privacy or authentication indicators. Make it available to the technical users, but don't default to putting it out in front of the "non-geek" users who may simply find it confusing. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/20/15 08:00, Mike Acker wrote: > I'm not sure you need 3 greens though,-- a message for which the > signature verifies becomes "authenticated",-- i.e. we are3 assured the > message is from the person we think it is from -- > > the key is when the signature authenticates you, perforce, have also > verified integrity ( the accuracy of the document content ) > > the option of course is PRIVACY, aka encryption > > I think two greens are enough, then: > > With no integrity indicator, how do you distinguish between an unsigned message, and one which has been signed but the content of the message has been altered post-signature? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 09/19/15 23:06, Robert J. Hansen wrote: > (Forgive the HTML: this is one of the few times where I think it’s > worthwhile. This email uses color to convey information.) > > So, while relaxing with a good stogie, I started mulling over the UX > problem of communicating information about encryption status, > signatures, validity, and more. I got nowhere, which is when I decided > to burn it all down and start from a clean sheet of paper. And very successfully. Sometimes the clean sheet of paper is exactly what's needed. I like this suggestion a lot. It is simple, unambiguous, and readable at a glance. Any further information wanted by more technically sophisticated users can be obtained by clicking the item of interest to see more details. I would suggest one slight extension to the scheme: The indicators should be tri-state, not binary. Add a red error state as well as a green 'OK' state and the black 'not present' state. A message which is signed, but by a key that does not match the declared sender, or by a revoked key, would display red Identity. A message which has been signed but the signature does not match the content (i.e, the content has been altered post-signature) would display red for Authenticity. A Privacy red-flag is a little harder to quantify. About the only case I can think of is if a message is encrypted, but with a key that has been revoked or does not match the claimed sender. But this should probably be considered an Authenticity failure. Should a message that is encrypted but unsigned be considered an Authenticity failure - or at least an authenticity warning? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/20/15 07:05, Anne Wilson wrote: > On 20/09/2015 03:17, Phil Stracchino wrote: >> On 09/19/15 21:16, David wrote: >>>> On 9/19/2015 7:31 PM, Robert J. Hansen wrote: >>>>>> With respect to your grandma-and-grandpa comment: we are >>>>>> not interested in aiming Enigmail at people who do not care >>>>>> about email privacy and have no interest in it. Why would >>>>>> we? We're not medieval priests preaching the Gospel to the >>>>>> heathens, infidels, unchurched and unconverted. >>>> >>>> >>>> I see. So instead of a utility that is simple enough for >>>> potentially everyone to use for private emails you are looking >>>> for a 'just for us really paranoid really smart geeks' >>>> application. >> Did you really misunderstand the previous statement that badly, or >> are you deliberately trolling (again)? > > Why is it that whenever someone puts a point of view that is > definitively user-level he is accused of trolling? Robert's reply was > insulting in the extreme. Like David, I wonder why I try to help by > explaining the non-geek viewpoint. Anne, It's not a question of geek vs. non-geek viewpoint. If the "non-geek" viewpoint didn't matter, we wouldn't be having this whole terminology and user interface discussion right now. That's the whole point of the discussion: to try to devise ways to make Enigmail and its use clearer and simpler to the non-technically-inclined. That said, it's necessary to keep in mind what Enigmail's target audience is, and that is people who want a simple, usable tool to encrypt or authenticate their email. But a crucial part of that is the word *want*. No matter what we do to improve or clarify Enigmail's interface, we're never going to get people to use it who don't *want* to encrypt or authenticate their email in the first place. I may be able to build the world's finest and simplest-to-use artificially-intelligent six-axis CNC milling machine, capable of making things you never even knew you wanted made, but I'm never going to sell you one if you *don't want* a milling machine. And so it is with Enigmail. To try to aim Enigmail at meeting the wants and needs of people who have no interest in email cryptography and don't want to be bothered with it is an effort that is doomed to fail. We can never make Enigmail meet what they want from it, because what they want from it is *not to have to use it*. If we do not start out by recognizing that fact, then we are doomed to fail, because we are aiming at the wrong target. You have declared yourself to be non-technical, a "non-geek". But you are here. You're participating in the discussion. You're trying to present your viewpoint. And your viewpoint is exactly what we want, because *you are the target audience*. Because you *want* what Enigmail can do for you, done for you. If you didn't, you wouldn't be here. But our hypothetical grandma and grandpa who have no interest in any of this new-fangled encryption stuff are not part of the target audience. *Not* because they are non-technical. *Not* because Enigmail does not do simply enough the things that it can do for them. But because *they don't want those things done* in the first place. No matter how hard you work at it, you cannot build the perfect lawnmower for somebody whose principal desire about lawnmowers is to *not own a lawnmower*. Because the only perfect lawnmower for somebody who wants to not own a lawnmower, is no lawnmower. Does this help clarify Robert's point? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/19/15 22:32, David wrote: > On 9/19/2015 10:17 PM, Phil Stracchino wrote: >> On 09/19/15 21:16, David wrote: >> >> Did you really misunderstand the previous statement that badly, or are >> you deliberately trolling (again)? >> >> >> It doesn't matter how easy-to-use you can make a waffle iron, you're >> never going to sell one to somebody who doesn't want a waffle iron. The >> principal reason not everybody owns a boat is because not everybody >> wants a boat. Some people don't have pets simply because they don't >> want to have pets. I don't own a fishing rod, because I'm not >> interested in fishing. > > > Gee you lead a boring life. by my standards at least. We have a waffle > iron, a boat, a cat and a dog, and I fish two or three times a month. Great! You go fishing, I'll go ride my motorcycle. You have waffles, I'll have sushi. :) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/19/15 21:16, David wrote: > On 9/19/2015 7:31 PM, Robert J. Hansen wrote: >> With respect to your grandma-and-grandpa comment: we are not interested >> in aiming Enigmail at people who do not care about email privacy and >> have no interest in it. Why would we? We're not medieval priests >> preaching the Gospel to the heathens, infidels, unchurched and >> unconverted. > > > I see. So instead of a utility that is simple enough for potentially > everyone to use for private emails you are looking for a 'just for us > really paranoid really smart geeks' application. Did you really misunderstand the previous statement that badly, or are you deliberately trolling (again)? It doesn't matter how easy-to-use you can make a waffle iron, you're never going to sell one to somebody who doesn't want a waffle iron. The principal reason not everybody owns a boat is because not everybody wants a boat. Some people don't have pets simply because they don't want to have pets. I don't own a fishing rod, because I'm not interested in fishing. Likewise, you cannot make somebody who doesn't care about encryption and isn't interested in it use an encryption tool by making it easier to use. Someone who isn't interested in encryption isn't going to use any encryption tool until and unless you can first convince them of why they *should* use it. If you have *that* solved, by all means feel free to explain your solution. In the meantime, for those who actually *are* interested in using email encryption, Enigmail is among the best, simplest to use, and most accessible mail encryption tools out there, and unlike many of the others, it's free. This is not to say that it can't be improved, or that there are not areas where the interface can be made more informative or simpler to understand. But doing so is still not going to attract people who *aren't interested in what it does* in the first place. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/18/15 22:59, Robert J. Hansen wrote: >> "Valid signature using untrusted key..." ? > > I'd actually go even further. I'd break it into two entries: "Digital > signature" and "Confidence". E.g.: > > Digital signature: PRESENT > Confidence level: NONE > > Then let people click on each to get more detailed information. E.g., > if they click on "None" a pop-up window might say, "Although the digital > signature is present, it cannot be verified because you do not have the > sender's public key." I like the idea of separating signature presence/validity from key confidence level. I think this is a better approach than trying to combine two [even related] concepts into a single message. Though I'm not sure about 'PRESENT' as a signature status. Since enigmail does not report anything about a message with no signature or encryption, PRESENT doesn't really contain very much useful information. It's a bit of a NOOP. I started out thinking about three levels of signature status — VALID, INVALID, NONE - but would NONE ever actually get used? If signature status is NONE, the dog doesn't bark at all. And do we also need a PARTIAL? In the case of PARTIAL, which comes up *frequently* on this list for example, it would also be great if we could come up with a way to show *which parts* of a message are signed, and whether those partial signatures are valid. For instance, the message *body* has a valid signature, but an unsigned footer has been appended. > I would also suggest that we consider diverging from GnuPG's > terminology. GnuPG is a command-line application; Enigmail is a GUI > application. Language that makes sense in one context may not make > sense in another. GnuPG needs to deliver maximum information in the > minimum number of words, which means their language will tend to be > terse and cryptic. We don't have that problem. We have the luxury of > room to explain things -- maybe we should consider exploiting that! A good thought. Leverage what you've got, not what some related package is constrained to. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/18/15 16:57, Robert J. Hansen wrote: >> After thinking about this for a time, I'd rather suggest to >> completely remove the feature "Display untrusted keys". > > After thinking about this and the poor-language issue in general, I've > come to the following conclusions: > > 1. I'm absolutely right when I said that we need to only change the > language *once*. > 2. Other people are right when they say that we need to change the > language. > > So here's what I'm proposing: we revisit the language issue ourselves, > right now. If we wait on a loose consensus process, we're never going > to get anywhere. We have to get out ahead of this, drive this, but our > ultimate decision has to be informed by at least GnuPG, and maybe > Symantec's PGP as well. > > The #1 use case is "Untrusted good signature". This is really two > separate statements: "(Non-validated in the certificate sense) (valid in > the signature sense) signature." How should we represent this to the > end-user? If you can't clearly improve on "Untrusted good signature," > then your proposal's probably not going to fly. "Valid signature using untrusted key..." ? -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/16/15 22:10, Daniel Kahn Gillmor wrote: > On Wed 2015-09-16 21:40:22 -0400, Phil Stracchino wrote: >> By all means discuss, contribute and suggest. :) All I'm saying is >> that writing code against other code that you know is about to change is >> usually a bad plan until you know what it's changing to. > > What "other code" are you referring to? The discussion Robert was > talking about is a higher-level, non-code discussion, afaict, where > implementers of OpenPGP tools are trying to come to consensus around > shared terminology so that we can confuse our users less. I was speaking in general principles. The principle still applies, though with a terminology discussion you can to some extent apply individual terminology changes as they are agreed upon. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/16/15 20:09, Daniel Kahn Gillmor wrote: > On Wed 2015-09-16 16:21:12 -0400, Phil Stracchino wrote: >> While your point is in general valid, I suggest that if you KNOW >> something is in flux and do not know yet what its final form will be, it >> is prudent to wait until you know what it's going to look like before >> you rewrite code against it. Rewriting the same body of code twice >> doubles the number of opportunities to introduce bugs. > > The Enigmail team is part of these discussions, and the discussions are > not active enough. Enigmail has an opportunity to stake out space with > reasonable choices. "What its final form will be" will depend on the > information that feeds into the discussion, including information > derived from actual implementers working on improving their actual > software with an eye toward vocab consistency and UI/UX improvements :) > > Without these kind of real-world contributions, the discussion won't > reach nearly as fruitful a conclusion (if indeed it ever concludes -- > hopefully the discussion will be ongoing as more improvements are > found). By all means discuss, contribute and suggest. :) All I'm saying is that writing code against other code that you know is about to change is usually a bad plan until you know what it's changing to. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key Management Owner Trust
On 09/16/15 16:13, Daniel Kahn Gillmor wrote: > On Tue 2015-09-15 12:38:32 -0400, Robert J. Hansen wrote: >> There's some work underway to regularize the language used by OpenPGP >> applications. As Gus said at Circumvention, "Untrusted Good Signature >> just sucks." > > :) > >> I'd much rather we waited to see if anything comes of this language >> regularization attempt before we changed the Enigmail language. If we >> make a change, and then a few months later change it again to comply >> with the regularization, I think that would confuse a lot of people. > > Alternately, we *know* that the existing language confuses a lot of > people, and enigmail has an opportunity to drive the language > regularization process by using a reasonable, clean vocabulary itself. > > I don't think that any enigmail development should wait on results -- > enigmail should help make the results happen. While your point is in general valid, I suggest that if you KNOW something is in flux and do not know yet what its final form will be, it is prudent to wait until you know what it's going to look like before you rewrite code against it. Rewriting the same body of code twice doubles the number of opportunities to introduce bugs. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Feedback / public key attachment?
On 07/16/15 11:13, Phil Stracchino wrote: > For that matter, there is only one PROCESSOR that has ever been formally > proven correct. (And in fact, if we're really going to get picky, questions have been raised about the validity and correctness of the proof.) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Feedback / public key attachment?
On 07/16/15 09:58, Robert J. Hansen wrote: >> This has been done for the seL4 microkernel. Indeed the formal >> verification embodies a verification down to the actual machine code >> (ARM). There have been isolation and non-interference properties >> proved of this kernel. > > Yes, and I'm very impressed by the fortitude of the seL4 developers. :) > > A microkernel is not a complete operating system, though. I stand by my > original statement that there are no operating systems that have been > formally proven, although there have been some heroic efforts in proving > small but essential components like microkernels, cryptographic code, > and the like. For that matter, there is only one PROCESSOR that has ever been formally proven correct. That is the '80s RSRE VIPER processor, which is/was a 386-class processor that was *specifically* designed from the start by the Royal Signals and Radar Establishment in such a way that it would be possible to formally prove that its design was correct (see http://link.springer.com/chapter/10.1007%2F978-1-4613-2007-4_2). I don't know whether it is still in use, but you can't buy it in any commodity computing device. It was intended for military and civil-aviation applications in which it was considered crucial that the design be error-free. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] some thoughts about usability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/29/15 12:44, Mike Acker wrote: > I think we need to re-think this protocol question: if the user > selects either (a PGP Signature or PGP Encryption or both) and (the > message is in HTML format) then the user needs to use PGP/MIME and > that should be the automatic default. certainly OK to have a > switch to change the message to plain-text and shift to PGP/Inline > but at this point I think most eMail messages are written in HTML. Indeed, the world has dragged us all kicking and screaming to HTML mail whether we want it or not. I am not convinced that it's an overall improvement. (Though I would be less dubious if it were not so frequently used to either spam us or track us.) - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlUYQDcACgkQ0DfOju+hMkksfACfbkmR/oD7bCJbVB/TVFFdYW45 QrYAnjyy7jCFJubeAT1MoYkq3Rx12iNg =hXMW -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Is Enigmail intercepting "missing key"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/25/15 04:04, Doug Barton wrote: > I was reading some list mail today and came across the attached > with 1.8.1. > > Is this a new thing that Enigmail is doing? If so, how do we make > it go away? > > Doug Ironically, your message failed verification with a bad signature (key 5CC686F11A1ABC84 not found). - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlUSnqsACgkQ0DfOju+hMknaKACg5LAITsnwNjUWAJl9t2Z7MKM9 GOIAoJ+pQLCGud7PXOQDqKGUodqrslpi =USns -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] New 1.8 toolbar on the composition window
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/19/15 10:38, LeRoy wrote: > People do not realize that the minute they use their cell phone > they are transmitting a radio signal that can be picked up by a > scanner. Just noting that some of us are acutely aware of issues like this. :) (On the other hand, some of us take it to the point of raging paranoia. "Yahoo is creating a service to use a smartphone as a token device in order to eliminate passwords." "*YH*, it's all part of a plot to spy on us, we are *so* fucked!" "Microsoft is putting a biometric-authentication capability in Windows 10 using faces, fingerprints or iris recognition, to eliminate regular passwords." "*YH*, it's all part of a plot to spy on us, we are *so* fucked!") > As stated above most people do not want to take the time or the > effort to learn about encryption or even encrypting your hard drive > on your laptop. That makes it too hard to boot for them. When > their computer is hacked, lost, or stolen and their password data > to all their credit cards and suppliers is loosed then they worry. Not to mention thinking carefully about what sensitive data they store on mobile/portable devices in the first place. > It was good practice in the military to answer the phone with the > phrase, "This line is not secure." > > Both my sisters consider me a paranoid old man, but I tend to take > my personal security seriously. Indeed. And so do I. Though I try not to throw the baby out with the bath-water as exemplified above. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlUK9YAACgkQ0DfOju+hMkmqYQCeNb/iLORADXCmu8AvWjglsFlV vqMAnRpAaQuonEMHQ5kTBmErvLTgcfi+ =U87g -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Survey: Inline-PGP or PGP/MIME
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/17/15 13:25, Patrick Brunschwig wrote: > I'd like to share the results of the survey. We got 58 replies, 45 > users / 77.6% would prefer the default to be PGP/MIME. > > The details can be found here: > https://www.surveymonkey.com/results/SM-8ZD2L837/ > > Given the result, I think we should consider changing the default > for future versions of Enigmail to PGP/MIME. I have to admit to being insufficiently knowledgeable about the merits and drawbacks of each to have a meaningful opinion. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlUIaYMACgkQ0DfOju+hMknn/wCfUseclpxRfi7KDTi+I+6sckoE vfoAn2DO9Ev6Q5ZhfQMqiTy3mjGXFDCv =mrlB -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] General Opinion and unverified bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/08/15 16:05, Kristy Chambers wrote: > The usability team consists of some people, like Robert, who "has > lifelong close affiliations with government and law-enforcement". > Maybe he is an NSA-agent with an interest to make the usability of > Enigmail bad. To do this, he doesn't need to do something > actively. He just needs to nothing, as long as people like here in > the thread are cheering like Enigmail is the usability-friendliest > tool in the world. As far as I know, Robert actively defends to > stay with the usability-unfriendly terms of Enigmail in the > Enigmail project. If the Enigmail project wants to establish high > standards. People like Robert shouldn't be in the usability team." > > As I mentioned, I "played" the crowd. It doesn't reflect my > opinion. It should only show, how irrational itself it is to take > irrational garbage seriously. Just in the interest of speculative tinfoil, if Robert wished to harm the success of Enigmail and its goals, all he would need to do would be to make a few significant code contributions without saying anything about his background, and then some time later let his affiliations and associations be "discovered". This would probably irrevocably taint much of the Enigmail codebase in the eyes of many people. That said, if I were in Robert's position, I would do exactly as he has: refuse to touch the code and say, clearly and up front, "And this is why I cannot." Where I have seen Robert tender opinions on usability issues, they have as far as I recall been suggestions to improve usability while maintaining security, or improve security while preserving usability. I find no fault with either. However, security is a complex field, and there are things that simply must be done right, and a certain minimum level of understanding is *necessary* in order to do those things right. There is only just so much that it is possible to simplify the software interface to those tasks without jeopardizing security, and that is a poor trade-off. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlT8wOEACgkQ0DfOju+hMklpgQCgm0/KpJBpUjxndIzDBKZtx226 KU8AnAmUptI92dSihax0zypnjyTogFq2 =KhIt -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/07/15 19:02, Doug Barton wrote: > Compare this for to get an idea of my context ... > > https://panopticlick.eff.org/ "Your browser fingerprint appears to be unique among the 5,091,038 tested so far." - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlT8i1AACgkQ0DfOju+hMklPHwCg186ldjkuhnwVC/usn9cZ9Rby tqMAnjC+fEd1k+o1vxAtAweLtBwDtsqX =oJIX -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/06/15 19:23, David wrote: > On 3/6/2015 3:37 PM, Phil Stracchino wrote: >> On 03/06/15 15:16, David wrote: >>> I am confused by this request. What difference does it make if >>> 'someone else' knows whose public is on your public keyring? >> >> If they know whose public keys are on your keyring, they know who >> you talk to. You may not wish them to know this. Depending on >> who you are and who you talk to, their knowing it could be very >> dangerous to you. > > > > You are aware that the *body* of the message is encrypted but the > *header*, the email address you send to and the email address that > you send from, and the complete path of all the email servers that > the emails traveled though, is still open to the world? And that > those emails are stored on all of those servers. Or at least they > used to be stored. > > Which means that the whole world 'knows' just who you send emails > to and receive emails from? You are using Thunderbird on a Linux > OS. > > Select an email that you have sent to your friends, or one that > they have sent to you, or anyone, and press Ctrl-U to open a new > window of information. read carefully and closely. > > So if some admin of a key-server in some place 'knows' who you is > on your Public-Keyring for email it is of little importance. Yes. But if certain addresses are on your public keyring, then the odds are you are having conversations that you consider "sensitive" with those persons. And if one of those persons is a Person Of Interest, then you just became a Person Of Interest yourself. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlT7QfQACgkQ0DfOju+hMknNHACfX4gZluQEwEnWz4FxJkj5GKIH Wf8An3DJ9y31lvufEblldkm269wyRb0x =v62W -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/06/15 15:16, David wrote: > I am confused by this request. What difference does it make if > 'someone else' knows whose public is on your public keyring? If they know whose public keys are on your keyring, they know who you talk to. You may not wish them to know this. Depending on who you are and who you talk to, their knowing it could be very dangerous to you. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlT6EAEACgkQ0DfOju+hMkl76QCgzmwzlcra/hsVbwi4bbM33nff S90AoJ1h0QJIRA67IWI278M5DJr6iPEJ =iAKf -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/04/15 07:18, Patrick Brunschwig wrote: > On 03.03.15 15:44, Robert J. Hansen wrote: >> 4. If you've disabled encryption and/or signing for a message >> (when it would normally be present), Enigmail is too polite >> about it. They'd like to see a red banner or somesuch, warning >> the user "You have manually disabled encryption and/or signing >> for this email". The icons, although accurate, are too easy for >> newcomers to overlook. > > The quickest fix could be to change the color of the text. That would certainly be eyecatching and un-missable. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlT3NyoACgkQ0DfOju+hMkm9vwCfalLVrfvOWRzp03nSz0Uu25eA RSgAoMQiFoeN7vumkKfhQpuvGMKenip5 =N1rz -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Help about few strings (and new lines within a string)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 02/12/15 14:50, Besnik Bleta wrote: > Më 02/12/2015, 06:37 PM, Patrick Brunschwig shkroi: >> On 12.02.15 15:07, Besnik Bleta wrote: >> >>> Hello, >> >>> I would appreciate if someone gives a bit of help about the >>> following strings: >> >> >>> 1. "Error - No valid armored OpenPGP data block found" >> >>> Does "armored" refer to some specification or is just kind of >>> metaphor/description? >> >> "armored" is the term used by GnuPG to identify a part in the >> message that is signed, encrpyted or contains key data. It is >> always data between the following two lines, where "..." >> describes the type of information to follow (e.g. PGP SIGNED >> MESSAGE) >> >> -BEGIN ...- (data) -END ...- >> >> I'd say it's a metaphor. Actually, "armored" refers to taking binary data that may not pass cleanly through older mail systems without corruption, and encoding it into an ASCII form that can be transmitted over channels that are not 8-bit clean. The most common encoding used for the purpose is BASE64. The original term was "ASCII-armoring", and what it is 'armoring' the message against is unintentional corruption on its way through legacy mail systems. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlTdB3oACgkQ0DfOju+hMkk3WACdHjcM9RIrDRZl3gBBm2xF7DZB 3D8AnjD7OQzxqi7qVjqRdR0H4jFxeOQc =UHMP -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Medium Term Plan for Dropping GnuPG 1.4.x Support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 02/07/15 01:04, Doug Barton wrote: > On 2/6/15 3:58 PM, Robert J. Hansen wrote: >>> ... except that the support for GnuPG 2.0.x is already in >>> Enigmail. >> >> You're misunderstanding who I'm talking about when I say "we're >> caught flat-footed." I don't mean us-the-developers. I mean >> us-the-community. If 1.4 gets EOLed there's going to be a mad >> rush of people trying to upgrade, and then that tidal flood >> you're worried about *will* happen. > > You're contradicting decades of experience with users being dragged > kicking and screaming to upgrade to new versions of things, long > after the one they're using is EOL. How many requests for help do > we get on gnupg-users related to prehistoric versions of PGP, for > example? I still get calls and tickets at my job from customers looking for support on MySQL 4. Occasionally even MySQL 3. They are running commercial sites on MySQL versions that have been end-of-life for over ten years. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlTWX5EACgkQ0DfOju+hMknACQCgxu0Hjg0weJ5iwyl3N51dZ4ad q3kAniSZny0MmVWhUyqGUXTQuNuKwM+h =D6qJ -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] BCC issues 1.7.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/06/15 11:23, Patrick Brunschwig wrote: > If you think this should be changed, then you're invited to > discuss this here. I never use BCC recipients in conjunction with > encryption, so I can't really estimate how to proceed here. I tend to agree; I have a little difficulty imagining a plausible real-world scenario in which you would want to send Alice an encrypted message and bcc: Bob on it. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlSsGj4ACgkQ0DfOju+hMkk9aACg+D6ST0bqywP7KyJ15B5zeZhx eisAoPQrmt7+e7dCyIrNKVNP/XjXgLoi =+IzN -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] General Opinion and unverified bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/04/15 13:19, Robert J. Hansen wrote: > In the modern era, we are *all* in the intelligence business… a > fact which, I think, is poorly recognized by the world. I'm quote-filing that. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlSpkHsACgkQ0DfOju+hMkk5kQCgtBDAOSbMRT5BH79NvaF8hrSJ ErgAoOMXeMABYJEg6YvvDYkl3iOZRO7i =wg+Q -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Thank you
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/01/15 16:29, Onno Ekker wrote: > Hello Enigmail developers, > > I'd like to thank you for all the good work you do on developing > Enigmail. As an add-on developer myself I know how much work it is > to keep things working on all different platforms and add new > features. Seconded. The hard work on Enigmail is appreciated. It may not be perfect, but it's what we have. The perfect is the enemy of the good, but the good can be made better if we know what's wrong with it. (I personally would love to have the time and energy to contribute to coding myself. But right now, and for a long time, I don't and haven't.) - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEAREIAAYFAlSlzTQACgkQ0DfOju+hMkm0HwCfaBfbC4tPiDgaUHIH0OuMlfmO KkUAnjiHGKEUs8b3FbrgLAoSEw8Jpdpr =sPNW -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Is this tool thrustwothy anymore?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/06/14 17:44, Håkon Apelseth wrote: > Suddenly after several years without doining anything with this > addon (I though was disabled and removed long tima ago) in my > thunderbird 24.6.0 it has started to crypt 1% of my emails. I have > no idea why and when this addon startet to mess stuff up but now > i'm on really deep water and do regret big time i was foolish > enough to use freeware ant not use a commercial alternative. > > > I do not expect this issue to be solved and pretty much feel my > self to blame to be foolish enough not going for a commercial tool It's telling you that the public key that it needs to verify the signature on a message you received is not available. Have you changed anything in your setup or network configuration recently, before you start blaming a perfectly serviceable tool? - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlQ0M6AACgkQ0DfOju+hMkl4pwCgvjpMZP4VrYmzEBRZjYsfzfzu enkAnjzVEpSwiTdNvYSGbyINbPkP81JH =GDXx -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Key management by users, and key use by Enigmail/GPGWin/etc.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/06/14 10:24, Robert J. Hansen wrote: > Exactly what I said. USB is completely broken as far as security > goes. A USB device cannot be made secure. Thumb drives are malware > vectors par excellence, and with some of the recent attacks which > work by exploiting the firmware things get even nastier and harder > to defend against. If you're concerned about a remote attacker > exploiting your system from afar, you should also be concerned > about a remote attacker rooting your box and exploiting the hell > out of your USB stack. It should also be pointed out that if your system is secure, then storing your keyring on your computer is safe anyway; but if your computer has already been compromised, then storing your keyring on a USB stick, which must be mounted on your already-compromised computer to use it, is AT BEST no more secure than storing the keyring on the computer in the first place was. And it may be *worse*, because the compromised computer may use the USB stick as a vector to compromise other computers you have that were previously secure. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlPicqkACgkQ0DfOju+hMkln5gCg+8zZods2Le69kR85aZ6dWNtZ sXwAoJGG8+UcJzeBnaZqYnfQTAegO2Du =Ql9U -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Video of my privacy & enigmail talk at NDC conference available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 06/10/14 22:04, afreewoman wrote: > Errr...that's not the first time I've done that! The center is real > - did you search for it? The center exists, indeed. That's about the point at which reality and the nsa.gov1.info parody article part company. Someone had great fun putting that article together, but one should not base life choices or technical decisions on it. I share Robert's grave skepticism that any intelligence agency in the world (except maybe North Korea's) would publicly announce that they were close to cracking AES128 except as a move to spread uncertainty and doubt. As for SHA512 being under threat? That is simply ludicrous. Barring completely paradigm-shattering breakthroughs in both cryptography and information theory, there are sound and convincing reasons in the laws of physics and information theory for believing that not only is it computationally infeasible now for us to mount any kind of realistic attack upon SHA512, but it will forever remain computationally infeasible. In fact, to enlarge upon that, there are strong arguments (again based in physics and information theory) that a successful attack against SHA512 would require the resources of a Type 3 Kardashev civilization. We are not yet a Type 1 Kardashev civilization, and not likely to become one during the lifespan of any person now alive. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlOYYkIACgkQ0DfOju+hMklyFACfVPl0v9cuWfkNEabJxWgwQR4h TX4An3HDZvz9w4pl63oNyVfyTrK0t0C9 =Vw8L -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Video of my privacy & enigmail talk at NDC conference available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 06/09/14 18:13, afreewoman wrote: >> No, we don't. > > Response: http://nsa.gov1.info/utah-data-center/ I refer you to the footer of that page: "This is a parody of nsa.gov and has not been approved, endorsed, or authorized by the National Security Agency or by any other U.S. Government agency." - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlOWNeoACgkQ0DfOju+hMkl7fQCghoVCC46PO1rZZCdHt6Tn0Uj3 aPkAoIRCo2UWZWcMTbswU9+0FpBYUbK6 =qbg7 -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Searching
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 05/20/14 22:45, Robert J. Hansen wrote: > On 5/20/2014 10:25 PM, Phil Stracchino wrote: >> If you come up with a better way, the NSA has a well-paying job >> waiting for you. > > Already done, actually. Homomorphic encryption systems let > end-users perform specific kinds of computation on ciphertext to > produce an output which, when decrypted, yields the result of doing > those operations on plaintext. Unpadded RSA is partially > homomorphic; however, (a) it's not homomorphic in the ways that > would be useful to this problem, and (b) it's stupid to use > unpadded RSA and the OpenPGP spec prohibits it. > > But, yeah. Homomorphic systems exist, and they support really > weird things like this. But OpenPGP isn't a homomorphic system and > thus all this talk is of no real utility to us. > > But they're *cool*, darn it all. :) Well, yeah, very true. I did actually think about homomorphic systems myself, just couldn't recall the term offhand. But now tell me the NSA doesn't have some well-paid people working on homomorphic systems. :) - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlN8GQEACgkQ0DfOju+hMknUtwCg4sCvFF5aHqCHLCbe+8xoWpcb DUsAoPcR/V8iBA4fSX5AO5mprMcQAaIN =q+BH -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Searching
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 05/20/14 21:57, Someone wrote: > I understand why it would be tricky, but does anyone know of any > methods or hacks to achieve a search of encrypted email? Decrypt it all and search the cleartext. If you come up with a better way, the NSA has a well-paying job waiting for you. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlN8DqgACgkQ0DfOju+hMkkzuQCgiQcR0yz/KbnJApGkPkt46kyl /bgAn2bRtnLCfk3FcoRgjmCzS/Xhmkl2 =1MoC -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question regarding a new sending preferences layout
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 05/04/14 08:41, Philip Jackson wrote: > On 04/05/2014 14:00, Nicolai Josuttis wrote: >> Just as a explanation: - Convenient encryption would select: - >> accept ALL keys (trust-model always) - auto send encrypted if I >> have accepted keys - Confirm before sending: never - Thorough >> encryption would select: - accept only valid keys (WoT model) - >> never automatically send encrypted (except rules) - Confirm: >> always > > I fear that it will be difficult to find a choice of 2 short labels > for your 'convenient' and 'thorough' buttons which will be clear > and not misleading. Perhaps the 'convenient' could be labelled > 'handy but with risks' and 'thorough' could be labelled > 'thoughtful'. It appears to em that terms like 'thorough', 'careful' are scarcely even applicable to what you're trying to accomplish here. Mode 1 is basically 'Encrypt whenever possible' or 'Encrypt always'. Mode 2 is harder to define -- the best I can come up with is, 'Encrypt manually ONLY'. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlNmX44ACgkQ0DfOju+hMkklagCdFkMnAcGd3kVp7SdIOgiVaTwp ZrUAoKVVJMPKnc3jVfUIeJwwqHwPAVh1 =DBGw -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 04/27/14 13:40, "Prof. Jorge A. Torres Bauzá" wrote: > Hi, is common that the Wizard takes hours generating the keys. > Thanks. -- */Jorge A. Torres Bauzá/*, Catedrático Asociado What size key are you generating, and on what hardware? Generating a 4096-bit RSA key on old hardware could take quite some time, though I'd be surprised if it took hours. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlNfp3wACgkQ0DfOju+hMknXygCfZP6cNN5NDxarOaND41SCcpKd LmAAn1cCfX9eddjyfGVf58dRMQ17qf6T =hraR -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] starting to use enigmail on thunderbird
On 04/26/14 23:29, anatak wrote: > Would someone be so kind to let me send her/him an encrypted email to > test ? > I just installed the enigmail plugin for thunderbird. I could send a > signed message to the open pgp mail robot, Adele and i would like to > test sending and receiving encrypted mail. > thank you very much > Wim Feel free. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] What about PGP/Header support?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/16/14 16:56, Egbert van der Wal wrote: > Oh, I most definitely can send an encrypted message to anyone. The > recipient will not be able to decrypt it since I don't have his > public key so I'll have to use some random other key, but I can > send him an encrypted message. Well then you aren't sending him a useful encrypted message, unless you plan to get an encryption key to him separately either now or at some later date. You're just sending binary noise. Now that said, I can see a situation in which Alice might send Bob a message encrypted only to Charlie, and tell Bob, "Forward this message to Charlie if and *only* if something happens to me." - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMmIRQACgkQ0DfOju+hMkmPxwCcDRIihK9AyjkTl8CPpmPmQZPc 608AnRRMk2NvvIs3qQO9jXeIwyYzHMdW =EhRt -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] What about PGP/Header support?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/16/14 08:21, Jean-David Beyer wrote: > On 03/15/2014 02:28 PM, Egbert van der Wal wrote: >> I actually see encryption as less of an issue. When I send an >> encrypted message to someone, I need to know for sure that the >> recipient knows about PGP encryption and knows how to decode it. >> If I send an encrypted message to someone who does not use PGP, >> he/she cannot read it, no matter what. > > How do you send an encrypted message to someone who does not use > PGP? You need his public key to do that. Exactly. How are you going to send an encrypted message to someone who does not have a public key? You can't. Period. Unless you separately arrange a symmetric encryption key to use or pre-arrange to send a symmetric encryption key out-of-band. It's a non-issue from the point of view of Enigmail. If you *can* send someone an encrypted message, you have their public key. If they don't have one, you don't have it either, and you can't. End of story. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMl+d4ACgkQ0DfOju+hMkkmPACglLEX3Ck6PjsHRz9j0unq6maY mhIAoMbURRphgGtl9mzuhQlFCmWPjJ8b =8A5S -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Hello, World!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/07/14 09:40, Anne Wilson wrote: > On 05/03/2014 19:19, Phil Stracchino wrote: >> On 03/05/14 13:56, Wayne Ernst wrote: >>> Phil, > >>> Thanks for letting me know- I thought I'd done that, but I >>> guess not! > >>> Is it showing up, now? > >> No, your key is still not available from the keyserver network. >> Go to your OpenPGP menu, select Key Management, and from the key >> list window which will open, go to the Keyserver menu and select >> Upload public Keys. > > I believe that it can take some time for keys to proliferate > across the various keyservers. If in doubt, upload it to more than > one. It shouldn't do any harm, and might speed things up. > > Anne It's there NOW, by the way. UNTRUSTED Good signature from Wayne Ernst Key ID: 0x2AB945F7 / Signed on: 03/05/14 13:56 Key fingerprint: FFD2 D6AC 430B B6F6 162A 5D61 F3D7 C78F 2AB9 45F7 Wayne, feel free to send me an encrypted message off-list if you want to test encryption. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMZ8aoACgkQ0DfOju+hMkmr8gCfdFylgeQl0hNPSjhL18XpaaMM /k4AoItftDE0kKoaPuYW2WkjLWUNdBti =t9/m -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Hello, World!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/05/14 13:56, Wayne Ernst wrote: > Phil, > > Thanks for letting me know- I thought I'd done that, but I guess > not! > > Is it showing up, now? No, your key is still not available from the keyserver network. Go to your OpenPGP menu, select Key Management, and from the key list window which will open, go to the Keyserver menu and select Upload public Keys. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMXeM8ACgkQ0DfOju+hMkltdQCcDA/yyi+BtLgZ/t5lAfkS+65b w54AnRai83526UIM+gqbsUoie7vzhMZk =DCBD -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Hello, World!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/05/14 14:03, Ludwig Hügelschäfer wrote: > On 05.03.14 19:47, Phil Stracchino wrote: > >> Your signature cannot be verified because you have not uploaded >> your public key. > > Well, it was attached to his mail ;-) > > Ludwig Well, *yes*, but that doesn't get it onto the keyserver network. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMXeFsACgkQ0DfOju+hMknbZwCdGLmiMEtkWmE0YH0Hsdwe/cXm U1UAn1DgmHtSsNYy//jDewyJT5taqroL =mD22 -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Hello, World!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/05/14 13:15, Wayne Ernst wrote: > Hi, Folks, > > Just looking for someone to test public/private key stuff with. > Anybody who'd be willing to help me test my encryption/etc would > make my day. > > Thanks, a bunch! > > Wayne gpgkeys: key F3D7C78F2AB945F7 not found on keyserver Your signature cannot be verified because you have not uploaded your public key. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMXcVgACgkQ0DfOju+hMkkstgCgnW0KJX68G+wCtqPdE655Z5jo rN4AoIkKHximAOi4hu5TQPsdPf35DfOl =l/XE -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] security violation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/01/14 14:11, Philip Jackson wrote: > Yes I'm new to this aspect of this type of mailing list and > although I've been subscribed since mid December, this is the first > 'monthly' reminder I've received. > > I've already taken care of removing this option from my > configuration page. It still surprises me that it would exist as a > feature for monthly reminder in clear text. I can understand that > the facility to be reminded of forgotten passwords could be > appreciated by some - but a regular reminder ? You probably would not believe the number of people who sign up for mailing lists, forget their password, forget they signed up, then six months later start spamming the list with "WHY ARE U SENDING ME ALL THIS SPAM? I DID NOT JOIN UR LIST. UNSIBSCRBE ME PLS." This is why it is a standard feature of the Mailman list management software and why it is enabled, by default, for all users on all lists. If you don't want it, turning that preference off for yourself is precisely the correct response. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlMSOIQACgkQ0DfOju+hMkm9lgCfc9u27niRuDRfkTFGZRp460xk gOgAn0li0TxMPJLnBZ30W6u3Q7+xV5UQ =0Gon -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Opportunistic encryption?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 02/10/14 17:22, Jean-David Beyer wrote: > On 02/10/2014 04:37 PM, David wrote: >> On 2/10/2014 3:59 PM, Jean-David Beyer wrote: >>> On 02/05/2014 09:48 AM, jan wrote: >>>> implement much automation into Enigmail. One major task >>>> would be automating to find keys for recepients and encrypt >>>> emails if possible. > >>> What good is it it encrypt e-mail to most of the recipients? >>> If you send it unencrypted to even one, have you not given up >>> on encryption? The black hats would not need to decrypt all the >>> messages sent, only one, and if one is unencrypted, that sure >>> makes their job easy. > > >> How do you plan to send encrypted emails to people that do not >> use encryption? > > I don't. > > But if I am OK with sending it to someone not using encryption, > why bother to encrypt it to the others? Once leaked, it is leaked. How does this argue against automatically encrypting email to recipients for whom you have a key? You don't send EVERY message to multiple recipients, do you...? - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlL5VMAACgkQ0DfOju+hMknGOACgsBhYsewKGnHbJpELZdBIFgDT xJsAn3pRyF/S4BMaRht+L5dWEFn5uVc+ =+1H3 -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Jan 28th Data Protection Day?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/29/14 15:00, AFreeWoman wrote: > caerllewys.net - babylon site. your email host. If you had *anything* execute on your machine as a result of visiting www.caerllewys.net, I would like to know exactly what URLs you looked at and what was executed. There is no DOS executable content anywhere on the site that I am aware of, and it would be difficult (though I concede not impossible) for such to be hidden from me. - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlLpYS0ACgkQ0DfOju+hMklswgCbBZUdZKs47tODoUrbkdIOLs8K xxYAnjq4w35Rewr4iApAoERSPExLCuAp =Y+XF -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Jan 28th Data Protection Day?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/29/14 14:35, AFreeWoman wrote: > Gee thanks, Phil. I just visited your site and it ran code on my > machine from a DOS command. wtf? Um, excuse me...? You visited what, exactly? - -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlLpW8cACgkQ0DfOju+hMkmhNwCg73npn+ODS/Ugnf3j4LGAQ8HB Iv4AnRufbaZjFUhZi8D8YnyqQocZ4d3L =p+YH -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Jan 28th Data Protection Day?
On 01/29/14 14:15, AFreeWoman wrote: > Council of Europe designated it: > " > > The aim of Data Protection Day, which is marked on 28 January each year, > is to give citizens an opportunity to understand what kind of data about > them is collected and processed, why this is done, and what rights they > have in respect of such processing. It is also an opportunity for them > to become more aware of the inherent risks associated with the unlawful > use or clandestine processing of their personal data. > > " > http://hub.coe.int/event-files/our-events/28-january-data-protection-day Whereas here in the US, we are informed... ...[crickets] -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] 32 bit vs. 64 bit ?
On 01/27/14 21:55, Wayne wrote: > Migrating from Windows Vista 32 bit to Windows 7 64 bit. Is this going > to be an issue ? Any suggestions on the best way to migrate this > program ? Any help would surely be appreciated. Don't worry about it. Thunderbird and Firefox are only distributed as 32-bit executables for Windows anyway, to the best of my knowledge, and Windows 7 x64 has a full 32-bit emulation layer and will quite happily run 32-bit Windows PE executables. (I do advise going with at least Windows 7 Pro if you haven't already purchased. If you have and you bought Home, consider buying an online upgrade to Pro from Microsoft. In the Home series, several important pieces of functionality, including the backup program, are intentionally crippled.) -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
