Re: key selection in batch decryptions
On Mon, 10 Oct 2011 23:18, jw72...@verizon.net said: keys in turn. Is there a way to tell gpg to use just one of the keys if any? I have tried specifying this as one of the options -u userID, but it No there is no way to do this. The best suggestion for all automated systems is not to use a passphrase. If you really want a passphrase and you require full control over it you have three choices: - Write your own pinentry and send CANCEL back until the desired passphrase is requested. Then send the right passphrase. - Write a simple pinentry to always send a CANCEL back (GnuPG 2.1 will have an option to emulate this). The use gpg-preset-passphrase to seed gpg-agent with the desired passphrase. - Use --status-fd/--command-fd. These options allow you to pass a passphrase to gpg entirely under script control. They work even with GnuPG 1.4. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
How to use a GnuPG card on multiple computers?
Hi, How can I use a GnuPG card on multiple computers? My understanding is that when I let the card generate the keys, a stub for each key pair is automatically added to my keyring and instructs gpg to use the card to encrypt my messages. How can I add such stubs to my keyring on a different computer to point to existing keys on my card without having to regenerate the keys (which would render the card unusable for the first computer)? Thanks, Urs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to use a GnuPG card on multiple computers?
On Tue, 11 Oct 2011 09:37, urs.hunke...@epfl.ch said: gpg to use the card to encrypt my messages. How can I add such stubs to my keyring on a different computer to point to existing keys on my card without having to regenerate the keys (which would render the You insert the card on that other box and enter $ gpg2 --card-edit this creates the stub. To retrieve the public key you may now enter: gpg/card fetch this uses the URL field of the card to retrieve the key. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
On 2011-10-10 23:29, Jan Janka wrote: How long would it take to execute a successful brute force attack on a pasphrase consisting of 12 symbols (symbols available on common keyboards)? Calculate how many combinations there are, assume some number of tries per second (you can experimentally find this out), and there you go. But remember Murphy's(?) law! -- (I mean the one about doubling computer power every 18 months -- are there two Murphy's laws? Confused now...) You can measure the strength of your password in bits of entropy, which is basically the log base 2 of the number of combinations. So if there are 64 possible combinations (a single alphanum case-sensitive password-ish) then you have 6 bits of entropy. In the diceware FAQ at www.diceware.com you can find info about how long a password with a given number of bits is supposed to be secure. Also some tips on how to pick a memorizable secure passphrase. If the attacker only got the passphrase and not the private key, I can simply change the passphrase to be secure again. Right? So I'd say my key is compromised if I think an attacker got BOTH, the passphrase AND the key. Yes but remember the attacker might get at an old version of your key that still used the old passphrase. -- Q: What is your secret word? A: That's right. Q: What's right? A: Yes. Q: Sir, you're going to have to tell me your secret word. A: What? Q: I said please tell me your secret word. A: What? Q: What's your secret word? A: Yes. Q: Sorry, yes is not your secret word. You have two more chances. A: I said what? Q: Yes. A: Right, so you admit I said it. Q: No, you said yes. A: No, what! Q: When? A: When you asked for my secret word! Q: What? A: Yes! Q: I'm sorry, that's incorrect. You have one more chance to say your secret word. A: I'd like to speak to your supervisor. Q: Very well, I'll transfer you. His name is Hu. (http://boingboing.net/2010/05/03/fun-with-a-banks-sec.html) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to use a GnuPG card on multiple computers?
Hi Werner, Thanks a lot! Cheers, Urs On 10/11/11 11:03 AM, Werner Koch wrote: On Tue, 11 Oct 2011 09:37, urs.hunke...@epfl.ch said: gpg to use the card to encrypt my messages. How can I add such stubs to my keyring on a different computer to point to existing keys on my card without having to regenerate the keys (which would render the You insert the card on that other box and enter $ gpg2 --card-edit this creates the stub. To retrieve the public key you may now enter: gpg/card fetch this uses the URL field of the card to retrieve the key. Salam-Shalom, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
unsubscribe
Sethukumar Ramachandran * Technical Lead * SunGard * Global Services * Divyasree Chambers, Langford Road, Bangalore 560025, India Tel : +91-80- 0501 * Mobile: +91-9980012150 * www.sungard.com/stshttp://www.sungard.com/sts ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
Jerome Baum jerome+per...@jeromebaum.com writes: On 2011-10-10 23:29, Jan Janka wrote: How long would it take to execute a successful brute force attack on a pasphrase consisting of 12 symbols (symbols available on common keyboards)? Calculate how many combinations there are, assume some number of tries per second (you can experimentally find this out), and there you go. But remember Murphy's(?) law! -- (I mean the one about doubling computer power every 18 months -- are there two Murphy's laws? Confused now...) That's used to be Moore's [1]. On a second thought, I guess that /both/ of them are to be considered when it comes to information security. [1] http://en.wikipedia.org/wiki/Moore's_law […] -- FSF associate member #7257 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Multiple signatures
On 3. 10. 2011 23:59, David Shaw wrote: On Oct 3, 2011, at 1:49 PM, pet jemen wrote: Hi, I want to sign binary data in OpenPGP Message Format. I want sign it by two or more keys. According to http://tools.ietf.org/html/rfc4880#section-5.4 it seems it is possible. (A one-octet number holding a flag showing whether the signature is nested. A zero value indicates that the next packet is another One-Pass Signature packet that describes another signature to be applied to the same message data.) I'd like to use gpg from command-line to sign an input file by two keys. I tried to sign it by: gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u test1 (test1)te...@test1.org -o %1.signed --sign %1 gpg2.exe --quiet --yes --force-v3-sigs -z 0 -u test2 (test2)te...@test2.org -o %1.signed2 --sign %1.signed But the second signature signed the first one also with the first signature. I need to sign it in way were I can verify signature of signed data by both keys (the last octet of One-Pass Signature Packets (Tag 4) packet should be equal to zero). Just repeat -u as many times as you need: gpg -u the-first-key -u the-second-key -u the-third-key -u etc --sign thefile David Thank you for your advice. It is exactly what I was looking for. I've few more questions. Reason why I want sign files this way is to maintain compatibility and add additional signature for verifying. I'd like to sign file in batch mode this way. gpg2.exe --batch --quiet --yes --force-v3-sigs -z 0 --s2k-digest-algo SHA-1 --passphrase-file %passFile1% -u t0001 t0...@t0001.com --s2k-digest-algo SHA512 --passphrase-file %passFile2% -u t0002 t0...@t0002.com -o %1.signed --sign %1 It sees that pgp doesn't take password from files if I sign by multiple keys. If I sign files just by one key it works. Is there a way how to sign file with multiple signatures by two commands and to get the same OpenPgp binary format? Other problem I've noticed when I signed file in non-batch mode is that I’ve specified to use SHA512 for second signature. Problem is that the 3rd octed of One-Pass Signature Packetbodyin signed file is 0x08 which is sha256 according http://tools.ietf.org/html/rfc4880#section-9.4 Any ideas why there isn't 0x0a? Any help is welcome. Pavol Misik ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
On 10/10/2011 5:44 PM, Jerome Baum wrote: But remember Murphy's(?) law! -- (I mean the one about doubling computer power every 18 months -- are there two Murphy's laws? Confused now...) Moore's Law. For reference, a 40-bit key is breakable today by just about anyone, a 64-bit key is breakable today by people with access to significant computational resources (hundreds of machines), and it's plausible to believe fantastically wealthy adversaries can break 80-bit keys. In 1998, EFF's DEEP CRACK exhausted a 56-bit keyspace in roughly 24 hours at a cost of $250,000. Assuming Moore's Law holds true, that means it could be built today with equivalent performance for about $1,000. A 64-bit keyspace is only a factor of 250 harder: a DEEP CRACK/64 could theoretically be made at a cost of $250,000. An 80-bit keyspace is a factor of 50,000 harder, more or less, putting the price of that at $12 billion, somewhere in there. This is really rough back-of-the-envelope calculation, but it passes my sniff test. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
On Mon, Oct 10, 2011 at 5:44 PM, Jerome Baum jerome+per...@jeromebaum.com wrote: On 2011-10-10 23:29, Jan Janka wrote: How long would it take to execute a successful brute force attack on a pasphrase consisting of 12 symbols (symbols available on common keyboards)? Calculate how many combinations there are, assume some number of tries per second (you can experimentally find this out), and there you go. But remember Murphy's(?) law! -- (I mean the one about doubling computer power every 18 months -- are there two Murphy's laws? Confused now...) You can measure the strength of your password in bits of entropy, which is basically the log base 2 of the number of combinations. So if there are 64 possible combinations (a single alphanum case-sensitive password-ish) then you have 6 bits of entropy. In the diceware FAQ at www.diceware.com you can find info about how long a password with a given number of bits is supposed to be secure. Also some tips on how to pick a memorizable secure passphrase. A very important distinction must be made between randomly-generated passwords and human-generated passwords. Based on a NIST study on password entropy[1], a 12 character password has only about 24 bits of entropy. Of course, if you're careful about your passphrase generation schemes, you can probably achieve higher than that while still generating your own password. If you value your OpenPGP key, I would not trust it to 24 bits of entropy. My off-card backup of my key is protected by a 32-character passphrase that I believe to be highly resistant to dictionary attack (and contains sufficient special characters that I believe its entropy to be close to the optimal 6.5 bits per symbol). But perhaps I'm delusional. [1] http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf -- David Tomaschik, RHCE, LPIC-1 System Administrator/Open Source Advocate OpenPGP: 0x5DEA789B http://systemoverlord.com da...@systemoverlord.com ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
David Tomaschik wrote (in part): If you value your OpenPGP key, I would not trust it to 24 bits of entropy. My off-card backup of my key is protected by a 32-character passphrase that I believe to be highly resistant to dictionary attack (and contains sufficient special characters that I believe its entropy to be close to the optimal 6.5 bits per symbol). But perhaps I'm delusional. I do not know about delusional. But in a sense, was it not unwise to tell me your passphrase length? I will now set up my hypothetical exhaustive search cracker not to bother with passphrases less than 32 characters or longer than 32 characters. This reduces the size of the search space I must examine. Of coarse, the shorter ones can be tested faster than the longer ones. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jerseyhttp://counter.li.org ^^-^^ 09:35:01 up 4 days, 18:08, 4 users, load average: 5.13, 5.25, 5.22 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
On 10/11/11 9:41 AM, Jean-David Beyer wrote: But in a sense, was it not unwise to tell me your passphrase length? I will now set up my hypothetical exhaustive search cracker not to bother with passphrases less than 32 characters or longer than 32 characters. This reduces the size of the search space I must examine. Of coarse, the shorter ones can be tested faster than the longer ones. Not really. Imagine if you knew his passphrase was a number, but not how long it was. Now he tells you, it's a seven-digit number. Okay, fine: you can exclude all six-digit numbers (900,000 of them), all five-digit numbers (90,000 of them), all four-digit numbers (9,000 of them), all three-digit numbers (900 of them), all two-digit numbers (90 of them) and all one-digit numbers (ten of them) [*]. You've excluded 900,000 + 90,000 + 9,000 + 900 + 90 + 10 = one million total numbers out of the possible ten million. You've reduced the keyspace by 10%. If his passphrase has zero margin of safety, he's done something foolish: his passphrase no longer meets his entropy requirements. On the other hand, if his passphrase is longer than necessary to meet his requirements, he can afford to throw out 10% of the potential keyspace without losing any sleep. What he's done here is pretty much exactly what I've described, just in a different numerical base. Tell you what: I'll put my money where my mouth is. The low-order bits of the primes that comprise my private key are both '1'. Doesn't help you out very much, does it? ;) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
-- Forwarded message -- From: Robert J. Hansen r...@sixdemonbag.org To: Jerome Baum jerome+per...@jeromebaum.com, gnupg-users@gnupg.org Date: Tue, 11 Oct 2011 08:27:47 -0400 Subject: Re: Why revoke a key? On 10/10/2011 5:44 PM, Jerome Baum wrote: But remember Murphy's(?) law! -- (I mean the one about doubling computer power every 18 months -- are there two Murphy's laws? Confused now...) Moore's Law. For reference, a 40-bit key is breakable today by just about anyone, a 64-bit key is breakable today by people with access to significant computational resources (hundreds of machines), and it's plausible to believe fantastically wealthy adversaries can break 80-bit keys. In 1998, EFF's DEEP CRACK exhausted a 56-bit keyspace in roughly 24 hours at a cost of $250,000. Assuming Moore's Law holds true, that means it could be built today with equivalent performance for about $1,000. A 64-bit keyspace is only a factor of 250 harder: a DEEP CRACK/64 could theoretically be made at a cost of $250,000. An 80-bit keyspace is a factor of 50,000 harder, more or less, putting the price of that at $12 billion, somewhere in there. This is really rough back-of-the-envelope calculation, but it passes my sniff test. -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Somewhat outdated, but here is a webpage that makes some comparisons. They don't give the bitsize of the keys, just the number of combinations, but it is still representative. http://www.lockdown.co.uk/?pg=combi Some other interesting, but likely outdated, discussions: http://news.electricalchemy.net/2009/10/password-cracking-in- cloud-part-5.html http://news.electricalchemy.net/2009/10/cracking-passwords-in- cloud.html -- discusses PGP Avi -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) - GPGshell v3.77 Comment: Most recent key: Click show in box @ http://is.gd/4xJrs iJgEAREKAEAFAk6UWfc5GGh0dHA6Ly9wZ3AubmljLmFkLmpwL3Brcy9sb29rdXA/ b3A9Z2V0JnNlYXJjaD0weEY4MEUyOUY5AAoJEA1isBn4Din5gXcBAJhFPQdzW6Xm +yGodASC7eBNvkyE67/eHZZK+xLWe+faAP4ghpRCy6ryU8F0Yz65JmzEmmpyFGKw vuJ2Oxoq7UTO+g== =Fdds -END PGP SIGNATURE- User:Avraham pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) avi.w...@gmail.com Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
re: key selection in batch decryptions
John A. Wallace jw72253 at verizon.net wrote on Mon Oct 10 23:18:21 CEST 2011 : Is there a way to tell gpg to use just one of the keys if any? I have tried specifying this as one of the options -u userID, but it seems to ignore my specification and it always tries to use a different key from the one I intend. Not with a direct command, but with a simple workaround. Make another keyring with only the key(s) you want tried, and point gnupg to that keyring for that batch job. vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Multiple signatures
On Tue, 11 Oct 2011 13:55, pje...@gmail.com said: Other problem I've noticed when I signed file in non-batch mode is that I’ve specified to use SHA512 for second signature. You didn't. What you did is to specify an S2K hash algorithm which is used to turn passphrases into keys. Further it is not possible to change the algorithms for each key. You may be better off not to tinker around with algorithm options if you don't have a close understanding of how they work. GnuPG has sensible defaults and a preference system to select algorithms. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg version 2.0.17 with libgcrypt 1.4.6
Hi, Another developer and I have downloaded and compiled and built the versions of gpg listed. I have generated the keys successfully and when I try running gpg as a test to encrypt a file I am getting bus errors. I have started the agent as you can see below as well. I also did a list-keys to show my keys I'm testing with as well. Does anyone have any ideas as to why I am getting a bus error? I've looked at a lot of documentation and browsed the internet but am not finding anything. Thanks, Mike gpg (GnuPG) 2.0.17 libgcrypt 1.4.6 ACTUAL RUN -- mb55918[crdap400] cat test.log | gpg -v -e -r mb55918 --output test.gpg Warning: using insecure memory! gpg: using PGP trust model gpg: using subkey 8A6C440C instead of primary key F8A311AD gpg: This key belongs to us gpg: reading from `[stdin]' File `test.gpg' exists. Overwrite? (y/N) y gpg: writing to `test.gpg' ksh: 14336 Bus Error LIST OF KEYS mb55918[crdap400] gpg --list-keys Warning: using insecure memory! /home/cchome01/mb55918/.gnupg/pubring.gpg - pub 1024D/F8A311AD 2011-09-29 uid mb55918 (mb55918) mb55918@crdap400 sub 1024g/8A6C440C 2011-09-29 AGENT - mb55918 27018 1 0 10:20:37 ? 0:00 gpg-agent --daemon --use-standard-socket --pinentry-program /opt/software/biadm ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Useful factoid
Accurate to 6%, there are 2**25 seconds in a year. Worth remembering: it makes certain kinds of computations much easier. (It follows there would be about 2**35 seconds in a thousand years, or 2**45 seconds in a million.) E.g., let's say you want to brute-force an 64-bit key on a CPU that can do a million (2**20) attempts per second. This requires, on average, 2**63 attempts. 2**63 / 2**20 = 2**43 seconds: 2**43 / 2**45 = 2**-2 = a quarter of a million years. I don't know why it took me so long to notice that: seems like the sort of thing I should've noticed a decade ago. It makes certain kinds of computations so much easier. Anyway, figured I'd throw it out on the off chance there were others who hadn't noticed it. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Useful factoid
Robert J. Hansen wrote: Accurate to 6%, there are 2**25 seconds in a year. Worth remembering: it makes certain kinds of computations much easier. (It follows there would be about 2**35 seconds in a thousand years, or 2**45 seconds in a million.) E.g., let's say you want to brute-force an 64-bit key on a CPU that can do a million (2**20) attempts per second. This requires, on average, 2**63 attempts. 2**63 / 2**20 = 2**43 seconds: 2**43 / 2**45 = 2**-2 = a quarter of a million years. Let us assume you are the bad guy and have computing power that can do an arbitrarily large number of key attempts per second. Unless you have my encrypted keys, you have to access my computer (unless you have already stolen it, in which case there are much easier ways to invade the machine), you will have to try logging in through the Internet (in the case of my machine), and the first thing you will hit is the login program. This can probably handle only a few attempts per second, and if I were serious about security, I would have it double the time to reply each time it got a failed login on that connection. In the days of dialup, I would have the machine hang up on the connection with too many failed login attempts. Of course, if you could get into my machine and login as the only user with access to my encrypted password file, you could copy that file to your high speed facility and crack it at your leisure. But if you could do that, you could already do anything you wanted with my machine -- install trojan horse keyloggers, defeat the security in the login program, etc. I don't know why it took me so long to notice that: seems like the sort of thing I should've noticed a decade ago. It makes certain kinds of computations so much easier. Anyway, figured I'd throw it out on the off chance there were others who hadn't noticed it. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jerseyhttp://counter.li.org ^^-^^ 17:05:02 up 5 days, 1:38, 4 users, load average: 4.73, 4.76, 4.82 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why revoke a key?
On 2011-10-11 16:54, Robert J. Hansen wrote: Okay, fine: you can exclude all six-digit numbers (900,000 of them), all five-digit numbers (90,000 of them), all four-digit numbers (9,000 of them), all three-digit numbers (900 of them), all two-digit numbers (90 of them) and all one-digit numbers (ten of them) [*]. You've excluded 900,000 + 90,000 + 9,000 + 900 + 90 + 10 = one million total numbers out of the possible ten million. You've reduced the keyspace by 10%. That 10% really depends on what you are revealing. Consider a 256-bit key. Telling you that it's proper 256 bits (i.e. MSB is 1) I've just halved the search space. I'd guess that revealing that a single base-n digit is non-zero you loose 1/n of the keyspace (base-10: 10%, base-2: 50%). Let's see: given m base-n digits, the keyspace has n^m elements. Revealing one of those digits to be non-zero, the search space is reduced to (n-1)*n^(m-1), so you've lost n^m-(n-1)*n^(m-1) items from your keyspace. That's (n^m-(n-1)*n^(m-1))/n^m of your keyspace, i.e. 1-(n-1)/n = 1/n. So the bit case is the worst-case, and even though I'm paranoid enough for a 4096-bit pubkey, I can sleep well when a 256-bit symmetric key is really worth 255 bits. :-) P.S. where did the [*] go? If his passphrase has zero margin of safety, he's done something foolish: his passphrase no longer meets his entropy requirements. On the other hand, if his passphrase is longer than necessary to meet his requirements, he can afford to throw out 10% of the potential keyspace without losing any sleep. What he's done here is pretty much exactly what I've described, just in a different numerical base. Tell you what: I'll put my money where my mouth is. The low-order bits of the primes that comprise my private key are both '1'. Doesn't help you out very much, does it? ;) Oh, also, this! -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Useful factoid
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 11 October 2011 at 9:32:18 PM, in mid:4e94a7d2.7060...@sixdemonbag.org, Robert J. Hansen wrote: Accurate to 6%, there are 2**25 seconds in a year. [...] I don't know why it took me so long to notice that: seems like the sort of thing I should've noticed a decade ago. I suppose you didn't need to notice it because you already remembered pi seconds in a nano-century - -- Best regards MFPAmailto:expires2...@ymail.com A nod is as good as a wink to a blind bat! -BEGIN PGP SIGNATURE- iQCVAwUBTpTlNaipC46tDG5pAQo8NgP/f/etxoSVmn5rhWCc/mUxaoO4U4HD/9TB snAV8qD1mZU2dzvkzrlZXMlIgr3pYzEXTImSGfsmjBLH90Q/hGdvAvlC2smW8Ezw Net+bV/vw6r8TFKbwoF7ubIK4/27A3bSoq3up5t0PrEK2dOGIpTYnPgfEY5pIfe/ jz1JYCPJNhE= =/wzd -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users