Re: Network Neutrality
On Fri, 2006-03-17 at 07:09 -0800, Robert Wohleb wrote:
> This morning I was
> surprised to find my download and upload speed higher than normal. Hell,
> a 2.8GB download i supposed to complete in 12 hours. That hasn't
> happened for a while on Cox. Hopefully this isn't a fluke. I'll report
> back if this keeps up.
As far as I can tell, Cox stopped sniping bittorrent and gnutella
connections with reset packets the day or the day after I told them that
I'd expose their practices. Maybe they started again afterwards. Or
maybe they only stopped corrupting my and my friends' traffic.
If encrypting your connections gives a speed boost, then maybe some more
investigating needs to be done.
> I'm sure it is also only a matter of time before
> Cox gets around this if this is really helping.
I doubt it. Provided that bittorrent end to end encryption means
something akin to Diffie-Hellman key exchange at the start of each
connection, there are two ways "around" this, that I can think of, both
of which suck for Cox:
1. Content-based whitelisting, meaning you can't make any kind of
connection in or out unless Cox can identify the type of traffic by its
content.
If Cox can't determine the content of the connection because it's
encrypted and Cox has not broken the encryption, then Cox terminates the
connection. This would mean lots of work for Cox, and lots of support
calls from lots of unhappy customers ("My streaming video never works!"
"I'm sorry, but we haven't programmed our systems to track all of your
streaming video viewing yet. You'll have to wait.").
2. A man in the middle attack, meaning Cox decides to break the
encryption, which is a mostly straightforward process in this case. This
creates several interesting problems.
The first is that Cox would have to attempt such an attack on each
unidentifiable connection ("Oh, that's not HTTP. Better mess with it.").
The result would be that any connection using a protocol that Cox's
system isn't set up to interpret and that is NOT using bittorrent end to
end encryption (think multiplayer games, NFS, whatever) would almost
certainly be corrupted. This is maybe worse for the end user than
whitelisting.
The second is that provided Cox wants to keep its activities secret (as
seems to be the case so far), it would have to throttle encrypted
bittorrent connections instead of terminating them entirely. That would
mean that a Cox computer would have to participate in each encrypted
connection from start to finish. Let's be conservative and say that
there are 5,000 bittorrent connections in and out of humboldt county via
Cox's network at any given time. Then Cox's servers would have to
perform the encrypting and decrypting work normally parcelled out to
10,000 home PCs continuously.*
Eric
*P.S.
There is a neat game to be played here. Suppose that Cox can purchase
enough computing power to do the job (hardware+software+electricity
+maintenance), and that the massive P2P throttling system pays for
itself in bandwidth savings. Then suppose peer to peer developers start
layering symmetric ciphers. Then the CPUs participating in the peer to
peer network will be a little more loaded down, but Cox will need a much
larger throttle farm to do the job. Will P2P users not be able to
participate in the network because they don't have fast enough computers
to do all the encryption? Or will Cox decide that the throttle farm
costs more to operate than they are saving in bandwidth? Who will give
up first?
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Error: "unusable public key"
Alphax wrote:
You haven't specified that the key is trusted in the local trustdb.
Thanks! That did it. For some reason my gpg on the server didn't like
the --trust-model option ("invalid option") either on the command line
or in gpg.conf. But I updated the trustdb and that worked.
Cheers,
Daniel.
--
/\/`) http://opendocumentfellowship.org
/\/_/
/\/_/ A life? Sounds great!
\/_/Do you know where I could download one?
/
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Force GPG to write a file?
Hi all, Last question :) By default, gpg will refuse to write to a file (myfile.gpg) that already exists. Is there a way to change this behaviour? I am running gpg on batch mode on a server to encrypt a database before downloading. So I need to temporarily store the encrypted file on the server. There are two ways to accomplish this: 1) Give Apache write permission to an entire directory, so it can add and delete files in that directory. 2) Give Apache write permission to just one file (myfile.gpg) and keep overwriting every time I download a new encrypted backup. Right now I'm doing (1) but I guess that (2) would be better. But I can only do (2) if I can confince gpg to overwrite an existing file. I looked at the man page and FAQs and I couldn't find this information. Thank you for your help. Cheers, Daniel. -- /\/`) http://opendocumentfellowship.org /\/_/ /\/_/ A life? Sounds great! \/_/Do you know where I could download one? / ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Passphrase on the command line
Hello, This should be a simple question. What is the recommended way to decrypt a file from a script that runs on a cron job? This is what I have so far: cat passphrase | gpg -o MyData --passphrase-fd 0 -d MyData.asc Where 'passphrase' has the chmod permission 400. Is this the best option? Background: I want to setup a cron job to regularly download an encrypted backup of a database, decrypt it, and store it here (this computer then gets backed up onto tape drives). Thank you for your advice. Cheers, Daniel. -- /\/`) http://opendocumentfellowship.org /\/_/ /\/_/ A life? Sounds great! \/_/Do you know where I could download one? / ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
segfault in gnupg14 (was: How to sign with non-subkey?)
On Tue, 21 Mar 2006, Simon Josefsson wrote: > [EMAIL PROTECTED]:~$ echo foo |gpg -a -s -v -u b565716f > gpg: using subkey AABB1F7B instead of primary key B565716F > gpg: writing to stdout > gpg: using subkey AABB1F7B instead of primary key B565716F > gpg: RSA/SHA1 signature from: "AABB1F7B Simon Josefsson <[EMAIL PROTECTED]>" > -BEGIN PGP MESSAGE- > Version: GnuPG v1.4.2.2 (GNU/Linux) > > owGbwMvMwMS4XF34xKrd8tWMp7mSGFwURP6l5edzdZxiYWBkYjBhZQKJ6Io0MACB > KAN/QXaibmJKSlFqcbFDel5pQbpeflF6VmKxQ2pFSWleSr5ecn4uAxenAMzQy+bM > /4v/zBGfa+XAOvOGXqTUwQde0rPmL9P6KDS/8HLSjbKjN5fM+bfO0StszgfhZK0N > R3X5lKuSzsUa1B5fWvKed/HOTZ9rbrUw8ZdwuT9d33bV/8xzcbFLe+y//76ttcg8 > v3G1sbjG1kSh62GcnIEmgay1uU4C06ezaT7wbJ1222IN60yGD7w3DwAA > =HgpN > -END PGP MESSAGE- > [EMAIL PROTECTED]:~$ While handling this block my gpg segfaulted. | [EMAIL PROTECTED]:~$ gpg < blurb | foo | gpg: Signature made Tue Mar 21 16:00:14 2006 CET using RSA key ID AABB1F7B | | gpg: Segmentation fault caught ... exiting | zsh: segmentation fault gpg < blurb After enabling coredumps: #0 0x08066b35 in is_valid_mailbox (name=0x20 ) at misc.c:1112 1112 return !( !name (gdb) bt #0 0x08066b35 in is_valid_mailbox (name=0x20 ) at misc.c:1112 #1 0x0806111c in get_pka_address (sig=0x8188cf0) at mainproc.c:1350 #2 0x08061198 in pka_uri_from_sig (sig=0x812f9c0) at mainproc.c:1377 #3 0x08062181 in check_sig_and_print (c=0x8133820, node=0x812faf8) at mainproc.c:1576 #4 0x080628cb in proc_tree (c=0x8133820, node=0x8131698) at mainproc.c:1965 #5 0x0805e84c in release_list (c=0x8133820) at mainproc.c:97 #6 0x08060ed1 in do_proc_packets (c=0x8133820, a=0x812d538) at mainproc.c:1323 #7 0x08060c8e in proc_packets (anchor=0x8188cf0, a=0x8188cf0) at mainproc.c:1135 #8 0x08054c22 in handle_compressed (procctx=0x8188cf0, cd=0x812d490, callback=0, passthru=0x8188cf0) at compress.c:326 #9 0x0805fcf8 in proc_compressed (c=0x8131638, pkt=0x812d480) at mainproc.c:756 #10 0x08060f28 in do_proc_packets (c=0x8131638, a=0x812d538) at mainproc.c:1281 #11 0x08060c8e in proc_packets (anchor=0x8188cf0, a=0x8188cf0) at mainproc.c:1135 #12 0x0804fc75 in main (argc=0, argv=0xbf9db188) at gpg.c:3736 full: #0 0x08066b35 in is_valid_mailbox (name=0x20 ) at misc.c:1112 No locals. #1 0x0806111c in get_pka_address (sig=0x8188cf0) at mainproc.c:1350 pka = (pka_info_t *) 0x0 nd = (struct notation *) 0x8188cf0 notation = (struct notation *) 0x8188cf0 #2 0x08061198 in pka_uri_from_sig (sig=0x812f9c0) at mainproc.c:1377 No locals. #3 0x08062181 in check_sig_and_print (c=0x8133820, node=0x812faf8) at mainproc.c:1576 uri = 0x8188cf0 "[EMAIL PROTECTED]" sig = (PKT_signature *) 0x812f9c0 astr = 0x810c42a "RSA" rc = 9 is_expkey = 0 is_revkey = 0 #4 0x080628cb in proc_tree (c=0x8133820, node=0x8131698) at mainproc.c:1965 n1 = 0x812faf8 rc = 135826672 #5 0x0805e84c in release_list (c=0x8133820) at mainproc.c:97 No locals. #6 0x08060ed1 in do_proc_packets (c=0x8133820, a=0x812d538) at mainproc.c:1323 pkt = (PACKET *) 0x8131790 rc = 0 any_data = 1 newpkt = 0 [...] Latest svn on ia32, debian sarge. -- PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred.| : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `-http://www.debian.org/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Passphrase on the command line
The documentation does not recommend this. Since you appear to not want to store the ciphertext but the plaintext, an encrypted network transfer seems appropriate and less expensive. Write the backup to an ssh pipe instead of a temporary file. Stef http://caunter.ca/contact.html On Wed, 22 Mar 2006, Daniel Carrera wrote: Hello, This should be a simple question. What is the recommended way to decrypt a file from a script that runs on a cron job? This is what I have so far: cat passphrase | gpg -o MyData --passphrase-fd 0 -d MyData.asc Where 'passphrase' has the chmod permission 400. Is this the best option? Background: I want to setup a cron job to regularly download an encrypted backup of a database, decrypt it, and store it here (this computer then gets backed up onto tape drives). ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Passphrase on the command line
Stef Caunter wrote: The documentation does not recommend this. Since you appear to not want to store the ciphertext but the plaintext, an encrypted network transfer seems appropriate and less expensive. Write the backup to an ssh pipe instead of a temporary file. Is there any documentation on how to do that? Daniel. -- /\/`) http://opendocumentfellowship.org /\/_/ /\/_/ A life? Sounds great! \/_/Do you know where I could download one? / ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Passphrase on the command line
Is there any documentation on how to do that? Say server A has the original data and server B has the backup. You can do from server A: backup_tool | ssh [EMAIL PROTECTED] dd of=/path/to/backup or you can do from server B: ssh [EMAIL PROTECTED] backup_tool | dd of=/path/to/backup Regards, -- Raphaël signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[GPGOL] No keys found
Hello! I have just installed the latest WinPT and GPGOL on a Windows XP SP2, with Outlook 2003. The installation was successful and I have created my own set of keys and imported some friends public keys. In WinPT I can sign and encrypt with my key and I can encrypt using my friends public keys. BUT, in Outlook/GPGOL I create a new mail, select "Sign Message with GPG" and press Send. I now get an dialog, "Secret Key Dialog" which has a DropDown control that's EMPTY! If I instead select "encrypt message with GPG" I get "Recipient Dialog", and my recipients are in the "Recipient which were not found" edit field. So I'm guessing that GPGOL can't find my keys! I have checked preferences for GPG and GPGOL and they are all pointing to the directory where pubkeys.gpg and seckeys.gpg are. Anyone that has a clue what the error is? // Anders -- -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.96rc1 mQGiBEQg8VYRBACOOXStH4ZhRLmGUDXghrFzlB/UU7Hkcitgkdr/HQeStKC3JRit pwqVvbpGe0y7v1EAXhvxt0GJ8JTNY6E5420O2fThOyKjaf5RoKAzRDb/GnCtuhv2 uvcOFQXR4pLGMekjeqr2GljFD4+CZCQxdHH7gyHoMYzLjqtH5v/py3O5PwCguwbj IK+gJwYyAP6U7hDlkUb7UyMD/j/8HlR0ySvhEIN5zu0f647Rat04uK9v+oqZe084 DVJhmiCpaNn6S4blfMMCxZAWtC7Np/C24c+/fwIVoUkwC60qN7nHUUTUWOBEWYOI 8nv+x8ZzoULRGY25DHRc2eKsBh2CZYUPNrR3++CGFOiLjpMlG9Kdf1jc/hKrvaks klI1A/0cbOuNtwG064repJ1IdB6xtswppCyIdb2oGYA8PWen4vI3xRihWaXGSKBI SIKJO/W88aQlBvZ/Rt08Pfxvfkw8TaJs4E2PCKHGrSV/S6aiwggUJHGYPmaJHn/5 87bkVM7sy9V5glZVH7dSK+qWQM2t42K/DjRgptBsp/kV0wj/hbQkQW5kZXJzIEVy aWtzc29uIDxhbmRlcnNAb3N0bGluZy5jb20+iF0EExECAB0FAkQg8dUFCQeGH/8F CwcKAwQDFQMCAxYCAQIXgAAKCRB28dAybUSHYOnMAJ9+CwLVNFS8WjokFZMKh0c7 KU2tpQCeNmiz4ASuGnIPODdD0gjs4aD0jym5AQ0ERCDxWRAEANGRh5WFIq1TmCD9 FgOuNRGFzANg1kLfOqsvW6GXROXREsR31HFmZ8DSly5eTjYNs9hO49HRqVTeDkyq 83KHnaBGik24fqV7yUx2l4ER0imBM7eepcVJwUE5HIm2gU+rqbrFVBmT/fle7UlS jGLLlhmjnSJV3o4kEpLFhlj9d/i7AAMFA/0WSfLjRlD75+Eg1CC8pb0xtaYtq2mR 4MNsFsFkdforC4218q/2Zjx1iU+Qyjg+KWPW/V0QCqKJy5wArl/lOPgIN2oP+UOq FMOxYV7iRq3x+D82ntlJhTwUAlS0ifHmJ/q8vkhAHVeVo3NSqJgKJWQX3kwJIomx qYbOYDmd5S+se4hGBBgRAgAGBQJEIPFZAAoJEHbx0DJtRIdgz9IAmwUeNJMDnkve Yi110dFf68sB5WC3AKCBmS4Gt9VmbynUsvYsAHz/7Xb9cw== =Ypr/ -END PGP PUBLIC KEY BLOCK- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: segfault in gnupg14 (was: How to sign with non-subkey?)
On Wed, Mar 22, 2006 at 02:29:07PM +0100, Peter Palfrader wrote: > On Tue, 21 Mar 2006, Simon Josefsson wrote: > > > [EMAIL PROTECTED]:~$ echo foo |gpg -a -s -v -u b565716f > > gpg: using subkey AABB1F7B instead of primary key B565716F > > gpg: writing to stdout > > gpg: using subkey AABB1F7B instead of primary key B565716F > > gpg: RSA/SHA1 signature from: "AABB1F7B Simon Josefsson <[EMAIL PROTECTED]>" > > -BEGIN PGP MESSAGE- > > Version: GnuPG v1.4.2.2 (GNU/Linux) > > > > owGbwMvMwMS4XF34xKrd8tWMp7mSGFwURP6l5edzdZxiYWBkYjBhZQKJ6Io0MACB > > KAN/QXaibmJKSlFqcbFDel5pQbpeflF6VmKxQ2pFSWleSr5ecn4uAxenAMzQy+bM > > /4v/zBGfa+XAOvOGXqTUwQde0rPmL9P6KDS/8HLSjbKjN5fM+bfO0StszgfhZK0N > > R3X5lKuSzsUa1B5fWvKed/HOTZ9rbrUw8ZdwuT9d33bV/8xzcbFLe+y//76ttcg8 > > v3G1sbjG1kSh62GcnIEmgay1uU4C06ezaT7wbJ1222IN60yGD7w3DwAA > > =HgpN > > -END PGP MESSAGE- > > [EMAIL PROTECTED]:~$ > > While handling this block my gpg segfaulted. > > | [EMAIL PROTECTED]:~$ gpg < blurb > | foo > | gpg: Signature made Tue Mar 21 16:00:14 2006 CET using RSA key ID AABB1F7B > | > | gpg: Segmentation fault caught ... exiting > | zsh: segmentation fault gpg < blurb Fixed, thanks! David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Force GPG to write a file?
On Wed, Mar 22, 2006 at 09:49:34AM +, Daniel Carrera wrote: > Hi all, > > Last question :) > By default, gpg will refuse to write to a file (myfile.gpg) that already > exists. Is there a way to change this behaviour? > > I am running gpg on batch mode on a server to encrypt a database before > downloading. So I need to temporarily store the encrypted file on the > server. There are two ways to accomplish this: > > 1) Give Apache write permission to an entire directory, so it can add > and delete files in that directory. > > 2) Give Apache write permission to just one file (myfile.gpg) and keep > overwriting every time I download a new encrypted backup. > > Right now I'm doing (1) but I guess that (2) would be better. But I can > only do (2) if I can confince gpg to overwrite an existing file. --yes David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Passphrase on the command line
Here is my idiom; checking for success is vital. See openssh documentation for details on key-based shell access. Test for transparent access, if using gpg, test for undisturbed encryption with --batch. You can pipe the dump (or tar) to gpg instead of gzip. File size will be reduced. The dd command can also hit a tape, though this isn't always practical with nightly cron stuff. OK=`/sbin/dump -0 -f - / | gzip | /usr/bin/ssh x.x.x.x dd of=/path/ok.gz 2>/dev/null;echo $?` if [ $OK != 0 ] then echo "`date` `hostname` backup failed $OK" | mail you exit fi echo "`date` `hostname` backup $OK" | mail -s "`hostname` backup $OK" you Stef Caunter http://caunter.ca/contact.html Is there any documentation on how to do that? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Network Neutrality
On 3/22/06, Eric <[EMAIL PROTECTED]> wrote: > there are two ways "around" this, that I can think of, both > of which suck for Cox: > > 1. Content-based whitelisting, meaning you can't make any kind of > connection in or out unless Cox can identify the type of traffic by its > content. > ... > 2. A man in the middle attack, meaning Cox decides to break the > encryption, which is a mostly straightforward process in this case. This > creates several interesting problems. > I think you're ignoring the fact that Cox can throttle your connection simply based on analysis of traffic volumes. They don't have to do any crypto at all, or inspect any packets deeply. Throttling rules would be set up that say "hey, here's one client getting data at high speed from a bunch of other folks simultaneously, and sending data quickly upstream to a bunch of people at the same time." Such a rule would be fairly straightforward to implement by tracking a few simple counters per client. I imagine Packeteer and the other traffic-shaping vendors already have something along those lines available. Such traffic-pattern throttling wouldn't step on VPN or SSL connections, as they're typically from a single host to single host. Basically, BitTorrent has a very unique traffic pattern that makes the encryption at best a temporary roadblock to traffic shapers. The vast majority of BT traffic is from copyright violators, so it's not like the imapcted users will complain about the throttling in any official capacity. As for the impact on "legitimate" BT traffic like Linux distros... well, I'm sure Cox doesn't care one bit. It's not like the Ubuntu project is going to sue Cox over BT traffic shaping. -- RPM ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Error during MAKE
I am getting the following error on MAKE for gpg1.4.2.2 make[2]: *** No rule to make target `../cipher/libcipher.a', needed by `gpgsplit'. Stop. This is a solaris9 box...was able to successfully install previously on another solaris9 box. Anybody have a suggestion? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
(no subject)
was checking the key preferences in gnupg 1.4.2.2(MingW32) with the SHOWPREF command, and found all the algorithms listed except for twofish the key accepts and decrypts messages done in twofish, and works fine have tested this for many of the keys and none of them display twofish in the preferences don't remember which version of gnupg did list twofish, because i don't use showpref that often is there anything new about new gnupg key-preferences that would explain this ? tia, vedaal Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: (no subject)
[EMAIL PROTECTED] wrote: > was checking the key preferences in gnupg 1.4.2.2(MingW32) > with the SHOWPREF command, > and found all the algorithms listed except for twofish > > the key accepts and decrypts messages done in twofish, > and works fine > > have tested this for many of the keys and none of them display > twofish in the preferences > > don't remember which version of gnupg did list twofish, > because i don't use showpref that often > > is there anything new about new gnupg key-preferences that would > explain this ? It doesn't show up because it's not on the key's preference list. If you want a list of supported algorithms use --version C:\WINDOWS>gpg --edit-key 0x7ee6202d showpref Secret key is available. pub 2048R/7EE6202D created: 2004-10-20 expires: never usage: SCE trust: ultimate validity: ultimate [ultimate] (1). test key (test RSA S&E key) <[EMAIL PROTECTED]> [ultimate] (1). test key (test RSA S&E key) <[EMAIL PROTECTED]> Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA Digest: SHA1, RIPEMD160 Compression: ZLIB, ZIP, Uncompressed Features: MDC, Keyserver no-modify Command> setpref aes256 aes192 aes cast5 3des twofish blowfish idea sha256 sha1 ripemd160 bzip2 zlib zip Set preference list to: Cipher: AES256, AES192, AES, CAST5, 3DES, TWOFISH, BLOWFISH, IDEA Digest: SHA256, SHA1, RIPEMD160 Compression: BZIP2, ZLIB, ZIP, Uncompressed Features: MDC, Keyserver no-modify Really update the preferences? (y/N) y You need a passphrase to unlock the secret key for user: "test key (test RSA S&E key) <[EMAIL PROTECTED]>" 2048-bit RSA key, ID 7EE6202D, created 2004-10-20 pub 2048R/7EE6202D created: 2004-10-20 expires: never usage: SCE trust: ultimate validity: ultimate [ultimate] (1). test key (test RSA S&E key) <[EMAIL PROTECTED]> Command> showpref [ultimate] (1). test key (test RSA S&E key) <[EMAIL PROTECTED]> Cipher: AES256, AES192, AES, CAST5, 3DES, TWOFISH, BLOWFISH, IDEA Digest: SHA256, SHA1, RIPEMD160 Compression: BZIP2, ZLIB, ZIP, Uncompressed Features: MDC, Keyserver no-modify Command>quit C:\WINDOWS>gpg --version gpg (GnuPG) 1.4.3-cvs-curl-4079-2006-03-22 Copyright (C) 2006 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: C:/Documents and Settings//Application Data/GnuPG Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512 Compression: Uncompressed, ZIP, ZLIB, BZIP2 C:\WINDOWS> -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: (no subject)
On 3/23/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > was checking the key preferences in gnupg 1.4.2.2(MingW32) > with the SHOWPREF command, > and found all the algorithms listed except for twofish > > the key accepts and decrypts messages done in twofish, > and works fine > > have tested this for many of the keys and none of them display > twofish in the preferences C:\>gpg --edit c5dcca32 gpg (GnuPG) 1.4.2.2; Copyright (C) 2005 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Secret key is available. pub 2048R/C5DCCA32 created: 2006-03-05 expires: never usage: CS trust: ultimate validity: ultimate sub 2048R/B9F25302 created: 2006-03-05 expires: never usage: E sub 2048R/16D982EE created: 2006-03-05 expires: never usage: S [ultimate] (1). Simon H. Garlick Command> showpref pub 2048R/C5DCCA32 created: 2006-03-05 expires: never usage: CS trust: ultimate validity: ultimate [ultimate] (1). Simon H. Garlick Cipher: TWOFISH, AES256, 3DES Digest: SHA512, SHA384, SHA256, RIPEMD160, SHA1 Compression: ZIP, ZLIB, BZIP2, Uncompressed Features: MDC, Keyserver no-modify Command> working OK here. Simon ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Change PIN on OpenPGP-Card with Cherry SmartTerminal ST-1044
"Werner Koch" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] On 14 Mar 2006 20:07:21 +0100, Dennis Heitmann said: gpg: pcsc_transmit failed: not transacted (0x80100016) gpg: apdu_send_simple(0) failed: card I/O error That is a catch all error of thye underlying ifd-handler. I have never tried that board with the PCSC driver. It works fine when using the internal GnuPG driver. I sorry, that you burned your card. In general it is always advisable to take some caution when using a new reader device. And you should always start with the regular PIN, this gives you more tries in case something went wrong. Using gpg with the option "--debug 2048" will show details of the card communication. Could the next revision of the OpenPGP card spec (and the next version of the primary implemetation) provide an [optional] command that resets the card to factory condition? (Wipes the key, and then resets the pin counts. Perhaps itwould only work if PIN counter have reached maximum. [At which point the key on the card is for all intents and purposes dead anyway as it is no longer usable, so the user should be able to wipe the card clean. It would save a user's investment.]) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
encrypted mail and gmail / remote
hello group - apologies for the newbie questions. i am wondering if there are any webmail services that can decrypt email, if i somehow inform of my PGP key? also, i am travelling without knowing my pgp key. is this somehow centrally registered, in a way that i can download the key, and use a command line app to decrypt messages sent to me? i guess only the public key is available on the public key registries (if it works that way). thanks! /dc -- ___ David "DC" Collier US 1-415-283-7742 [EMAIL PROTECTED] skype: callto://d3ntaku http://www.pikkle.com +81 (0)80 6521 9559 http://charajam.com 【★キャラ♪ジャム★】 人気キャラとJ-POP最新ヒット曲を自分で組み合わせて 待受Flashや着Flashを作っちゃおう! ___ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: encrypted mail and gmail / remote
I noticed this plugin for squirrelmail if you wanted to do it on your own server: http://www.squirrelmail.org/plugin_view.php?id=153 Aside from that there are a few services around, like hushmail.com that'll do what you want. On 3/23/06, D_C <[EMAIL PROTECTED]> wrote: > hello group - > > apologies for the newbie questions. > > i am wondering if there are any webmail services that can decrypt > email, if i somehow inform of my PGP key? > > also, i am travelling without knowing my pgp key. is this somehow > centrally registered, in a way that i can download the key, and use a > command line app to decrypt messages sent to me? i guess only the > public key is available on the public key registries (if it works that > way). > > thanks! > > /dc > > -- > ___ > David "DC" Collier > US 1-415-283-7742 > [EMAIL PROTECTED] > skype: callto://d3ntaku > http://www.pikkle.com > +81 (0)80 6521 9559 > > http://charajam.com 【★キャラ♪ジャム★】 > 人気キャラとJ-POP最新ヒット曲を自分で組み合わせて > 待受Flashや着Flashを作っちゃおう! > ___ > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
