Re: message signature types
Charly Avital: auto15963931 jv92pc$ct5$1...@dough.gmane.org July 31, 2012 2:47:22 PM wrote: If this is the wrong place to ask, please point me in the right direction. Where can I learn more about importing, if such a thing is even done this way, and making use of message signatures which utilize an smime.p7s file? I got a message from someone who uses this, and I need to learn about verifying and downloading from a keyserver files like this. Especially important for me is learning how to check whether it had been revoked, etc. Where is a support group for this sort of signature if this is not it? Thanks. S/MIME = Secure Multipurpose Internet Mail Extensions is a standard for public key encryption and signing of e-mail encapsulated in MIME. It achieves goals that are similar to GnuPG's but uses different means. The use of GnuPG requires the installation of GnuPG software, and some kind of module that will enable interaction between that software and the e-mail client one is using. GnuPG per se enables its user to generate and manage certificates (aka keys). S/MIME does not require the installation of any such software but needs to obtain and install a certificate/key that is issued by a Certificate Authority (CA). The certificate that is issued by the CA of your choice has to be imported into your e-mail client (if it has S/MIME capability) or into your browser. You might try http://www.comodo.com. I am sure members of this list will provide more accurate information. Charly OS X 10.8 (12A269} MacBook Intel C2Duo 2GHz-GnuPG 1.4.12-MacGPG2-2.0.17-9 Thunderbird 14.0 Enigmail 1.5a1pre (20120727-2257) So the last question is just how do I go about checking whether one of these smime.p7s certificates has been revoked. What is the process of revocation in general? Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: message signature types
On Wed, 1 Aug 2012 16:50, auto15963...@hushmail.com said: So the last question is just how do I go about checking whether one of these smime.p7s certificates has been revoked. What is the process of revocation in general? Thanks. There are three ways: - Using a CRL. The address of the CRL is usually part of the certificate and used by GPGSM. - Using OCSP Responder. That is kind of online check of a CRL. You can enable this in GPGSM. - Use a list of revoked CAs which comes with todays browsers. Now the question is now to get your certificate into a CRL. Technically this is easy. But how can a user ask a CA to put his certificate on the CRL is an open question. You need to ask your CA. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: message signature types
auto15963931 jvbfo8$eo1$1...@dough.gmane.org August 1, 2012 11:44:19 AM wrote: So the last question is just how do I go about checking whether one of these smime.p7s certificates has been revoked. What is the process of revocation in general? Thanks. Sorry I can't help you, I can only suggest: - wait for a knowledgeable list member to answer. - Google Charly ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: message signature types
Werner Koch: On Wed, 1 Aug 2012 16:50, auto15963...@hushmail.com said: So the last question is just how do I go about checking whether one of these smime.p7s certificates has been revoked. What is the process of revocation in general? Thanks. There are three ways: - Using a CRL. The address of the CRL is usually part of the certificate and used by GPGSM. - Using OCSP Responder. That is kind of online check of a CRL. You can enable this in GPGSM. - Use a list of revoked CAs which comes with todays browsers. Now the question is now to get your certificate into a CRL. Technically this is easy. But how can a user ask a CA to put his certificate on the CRL is an open question. You need to ask your CA. I already have Gpg installed, as well as GPA, but I have not used them for smime, which is, I think, what I hear you say I can do? In any case, when I right-click the certificate in Win7, I see no option that would lead me to believe that my system is currently capable of viewing this certificate. I opened it in a text viewer application, but it appears to be binary, not really a text file that I can see. So, what would I need to do at this point to take a looksy at this certificate file, which I detached from the message of which it was part? Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Trying to compile gpg 2.0.19 for Mac OS 10.8 Mountain Lion.
Hi, After installing all the required libraries (as indicated in first run of ./configure), I get the following: Output of ./configure: GnuPG v2.0.19 has been configured as follows: Platform: Darwin (x86_64-apple-darwin12.0.0) OpenPGP: yes S/MIME:yes Agent: yes Smartcard: yes (without internal CCID driver) Gpgtar:no Protect tool: (default) Default agent: (default) Default pinentry: (default) Default scdaemon: (default) Default dirmngr: (default) Last lines of make output: gcc -DHAVE_CONFIG_H -I. -I.. -I../intl -I/usr/local/include -DJNLIB_IN_JNLIB -I/usr/local/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -MT utf8conv.o -MD -MP -MF .deps/utf8conv.Tpo -c -o utf8conv.o utf8conv.c utf8conv.c: In function ‘native_to_utf8’: utf8conv.c:382: error: ‘ICONV_CONST’ undeclared (first use in this function) utf8conv.c:382: error: (Each undeclared identifier is reported only once utf8conv.c:382: error: for each function it appears in.) utf8conv.c:382: error: expected ‘)’ before ‘char’ utf8conv.c: In function ‘do_utf8_to_native’: utf8conv.c:648: error: ‘ICONV_CONST’ undeclared (first use in this function) utf8conv.c:648: error: expected ‘)’ before ‘char’ utf8conv.c: In function ‘jnlib_iconv’: utf8conv.c:724: warning: passing argument 2 of ‘libiconv’ from incompatible pointer type make[2]: *** [utf8conv.o] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 Hoping to solve the problem by installing the latest gettext 0.18.1.1, I get the following when trying to compile gettext: Last lines of ./configure: checking whether make sets $(MAKE)... yes checking whether NLS is requested... yes checking for msgfmt... /usr/local/bin/msgfmt checking for gmsgfmt... /usr/local/bin/msgfmt checking for xgettext... /usr/local/bin/xgettext checking for msgmerge... /usr/local/bin/msgmerge configure: creating ./config.status config.status: creating Makefile config.status: creating installpaths config.status: creating po/Makefile config.status: executing po-directories commands Last lines of make: libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -DEXEEXT=\\ -DEXEEXT=\\ -DEXEEXT=\\ -I. -I.. -I../intl -I../intl -I.. -I.. -DDEPENDS_ON_LIBICONV=1 -DDEPENDS_ON_LIBINTL=1 -I../intl -I///usr/include/libxml2 -I./libcroco -g -O2 -c stpncpy.c -fno-common -DPIC -o .libs/stpncpy.o stpncpy.c:34: error: expected declaration specifiers or ‘...’ before numeric constant stpncpy.c:34: error: expected ‘)’ before ‘!=’ token stpncpy.c:34: error: expected ‘)’ before ‘?’ token make[4]: *** [stpncpy.lo] Error 1 make[3]: *** [all] Error 2 make[2]: *** [all-recursive] Error 1 make[1]: *** [all] Error 2 make: *** [all-recursive] Error 1 I've searched for possible solutions. One of them was trying to patch gettext with attached patch. Didn't succeed. Thank you in advance for your assistance. Charly OS X 10.8 (12A269} MacBook Intel C2Duo 2GHz-GnuPG 1.4.12-MacGPG2-2.0.17-9 Thunderbird 14.0 Enigmail 1.5a1pre (20120727-2257) --- gettext-tools/gnulib-lib/stpncpy.c.orig 2007-10-07 23:29:35.0 +0300 +++ gettext-tools/gnulib-lib/stpncpy.c 2011-03-11 23:34:40.0 +0200 @@ -24,7 +24,7 @@ #include string.h #ifndef weak_alias -# define __stpncpy stpncpy +//# define __stpncpy stpncpy #endif /* Copy no more than N bytes of SRC to DST, returning a pointer past the ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
trampCrypt family of CLI programs
On 31/07/12 19:25, Robert J. Hansen - r...@sixdemonbag.org wrote: Set up a trusted introducer/certificate authority and presto, bang, you're off to the races. When Alice comes on board at the company, the local authority generates a certificate for her, sets up her Thunderbird+Enigmail installation Alice doesn't understand what a certificate is and hasn't got the time necessary to do so. More importantly, she hasn't got a Thunderbird+Enigmail installation and has no intention of getting one (or anything else that needs to be installed) on each and every computer on which she performs the tasks requiring the software tool we are searching for here. Alice wants to plug a USB stick into a computer, *any computer*, and start a CLI program with something like: trampEncrypt -myKey=xyz.bin -key=bob.bin cleartext.file ciphertext.file or: trampDecrypt -myKey=xyz.bin ciphertext.file cleartext.file In either case, the program will ask for the pass-phrase to decrypt xyz.bin, and, in case of encryption, some entropy key-presses. (The third program, trampKeygen, will be executed only in controlled environment). (Add a -text flag for trampEncrypt to pre-compress plaintext and produce base64 encoded ciphertext and vise versa for trampDecrypt and that pretty well completes the functional specs.) In order to communicate securely with someone outside the organization, she calls up the certificate authority... The hypothetical benefit of secure communication with the general public, i.e., non-members of the group is not considered here. There is no benefit of key file internal structure conformance to pgp/gpg or end-user algorithm choice. You must have physical control over the hardware for GnuPG to be used safely. Drive-by machines have uncomfortably high malware infection rates. Don't use GnuPG except on machines that you physically control and are confident are free of malware. Assume, please, that the requirement to use the software on multiple ad-hoc computers is quite hard. I won't get into what these may or may not be here; but it has been determined that in this case the risk is quite low, while the operational flexibility is invaluable. Perhaps as an aside...: I have no doubt whatsoever that the total population of MS Windows computers owned and operated as his or her trusted machine by an average gpg user has a much, much greater malware infection rate than ad-hoc computers to be used by the members of this group. Yet somehow, malware is not considered a problem worth addressing by gpg architects and use experts - as it indeed shouldn't be. However, it is invariably used to quickly trump any requests for a gpg-portable variant. Why is that so? Much as I appreciate all comments provided, I can't help but observe that those offered so far mostly debate the wisdom of the requirements and not speculating on the best way to satisfy them. For instance, what is the feasibility of scissoring out just the required functionality from the gpg code base and then wrap it into three CLI programs (trampKeygen, trampEncrypt, trampDecrypt)? (trampSign and trampVerify could be added if there is ever any need for signing identified by this - or some other group of trumpCrypt family of CLI programs). Is there perhaps a previous version (pre-agent, specifically) that would be a better candidate for such an endevour? Are there any security implications that one should watch out for in earlier versions of crypto primitives in gpg code base? Peter M. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: trampCrypt family of CLI programs
On 8/1/2012 5:37 AM, peter.segm...@wronghead.com wrote: Alice doesn't understand what a certificate is and hasn't got the time necessary to do so. Pardon me for being blunt: she's boned. The hypothetical benefit of secure communication with the general public, i.e., non-members of the group is not considered here. There is no benefit of key file internal structure conformance to pgp/gpg or end-user algorithm choice. I've read this a few times and I don't understand the point you're trying to make, I'm sorry. members of this group. Yet somehow, malware is not considered a problem worth addressing by gpg architects and use experts - as it indeed shouldn't be. If you'll only consider 'authoritative' sources, Werner has said several times that so-called 'portable' GnuPG installations are too prone to malware for him to recommend using them. (I don't recall if his reasoning is USB tokens are malware vectors and if you go about plugging your token into strange computers you'll be sorry, or any computer that lets strangers plug in USB tokens is probably already compromised, so don't use them or you'll be sorry. It is quite possibly both.) I've heard similar remarks from other people. You may find a brief perusal of the archives to be very illuminating. Further, malware is a very real concern for GnuPG's architecture. For example, consider GPGME: rather than have a shared library that can be hijacked by Process A (i.e., malware) to compromise Process B's security, GPGME spawns an entirely new GnuPG invocation and uses the process barrier to help keep malware from propagating into the core. Malware is also one of the reasons why GnuPG supports smart cards: smart cards are much more resistant to exploitation than is a desktop PC. However, it is invariably used to quickly trump any requests for a gpg-portable variant. Why is that so? Because it is the consensus of the community, after much deliberation and consideration. Some members of the community disagree and have done some good work making portable GnuPG installations: perhaps some of them will be in touch with you to share their knowledge. For instance, what is the feasibility of scissoring out just the required functionality from the gpg code base and then wrap it into three CLI programs (trampKeygen, trampEncrypt, trampDecrypt)? (trampSign and trampVerify could be added if there is ever any need for signing identified by this - or some other group of trumpCrypt family of CLI programs). You may, of course, do this yourself; the licensing explicitly permits it. However, I won't do this for you because I think it's a bad idea and you haven't persuaded me otherwise. I imagine many of the people who are competent to do this work are of a similar mind. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
October 3: Deutsche Einheit
A lot of people remember that each Christmas I remind people that 'tis the season for giving and that it's possible to donate to the GnuPG project, and/or related privacy charities. Well, I hate to get into a rut, so I'm (probably) not going to do that this year. Instead, I notice that it's now the first of August and Germany's Unity Day is just around the corner -- a holiday that celebrates the end of the police state that was the German Democratic Republic and the restoration of millions of people to a political system that has respect for basic human rights and civil liberties. On top of that, the principal developer for GnuPG is German, so... Tell you what. From now until Unity Day, for each euro you donate to g10 Code, I will match it. [*] Privacy is important. More than that, privacy is a human right. So let's celebrate millions of Germans regaining their human rights, and let's also help guarantee privacy for the future. Who's with me? :) http://g10code.com/gnupg-donation.html [*] The fine print: as of right now 780 euros have been donated to GnuPG development in 2012. On October 4 I will be checking the donations page again and figuring out the difference. I'll match the difference, euro for euro, up to 250 euros total. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: trampCrypt family of CLI programs
On Wed, 01 Aug 2012 15:04:57 -0400 peter.segm...@wronghead.com wrote: On 31/07/12 19:25, Robert J. Hansen - r...@sixdemonbag.org wrote: Alice doesn't understand what a certificate is and hasn't got the time necessary to do so. So, she, and others like her, would be *more at risk* for compromise by any attacker who might take advantage of this, and of the knowledge that she would be communicating sensitive information over a semi- public setup that she believes to be protective of her privacy. - Assume, please, that the requirement to use the software on multiple ad-hoc computers is quite hard. I won't get into what these may or may not be here; but it has been determined that in this case the risk is quite low, while the operational flexibility is invaluable. ... Much as I appreciate all comments provided, I can't help but observe that those offered so far mostly debate the wisdom of the requirements and not speculating on the best way to satisfy them. - I am not familiar with TrampCrypt, and cannot offer any guidance about it, but here are some speculations about how you might accomplish your goals, with the caveat that you accept all the risks involved, (and, communicating those risks to whoever is trusting your advice and allowing their sensitive information to be communicated.) : [1] Setup gnupg on a usb disk, and boot the adhoc computer from a static cd or dvd (e.g., an Ubuntu install disk to run in 'demo' mode. [2] The Ubuntu Demo can read files on the adhoc computer, both in linux, FAT, and NTFS systems, (and can even access any file on a windows system, without any administrative privilege necessary). [3] Create a hierarchy of users who wish to communicate with each other, and give them all the same password, (a random string of sufficient length that the users will need to write down. A simple way to do this, is to encrypt any file with gnupg, and then decrypt using the option of '--show-session-key' , and using the session key string as the passphrase, and then supplying it to all users of this hierarchy.) [4] Encryption and decryption of files can then be done symmetrically, by the users, with very minimal effort. (i) To encrypt: gpg -c -a filename (ii) To decrypt: gpg encrypted filename (it's not necessary to use a specific 'decrypt' command, gpg will 'understand' from the file that it's encrypted and ask the user for the passphrase). [5] If a user wants to communicate with users from other hierarchies, give that user the passphrase for that hierarchy, and impress upon the user to 'not get the passphrases mixed up'. ;-) All unencrypted data will be written only to the usb. This system is doable but has 'many' potential flaws, of which only a few are listed here: -keyloggers capturing everything by someone targeting the adhoc computer. -malware attacks on the usb, if used for any purpose on any other computer. -exposure of sensitive information if the usb is lost or stolen. -losing the written passhrase, or, worse, having it copied without the user's knowledge. Here is a site on how to build a standalone gnupg on a usb: (If you want to, you can put this on a usb with a bootable ubuntu system and boot directly from the usb, if you adhoc computers allow for this). http://www.angelfire.com/mb2/mbgpg2go/tp.html Final, (and most important), caveat: You are the judge of what your threat model is, and what the potential risks you are subjecting the unsuspecting users to. These users are *trusting* you with their sensitive information, but are *blind* as to the problems that may occur. It is far, far worse to communicate using encryption, expecting that privacy will be maintained, when unknown to the user, it may not be, than not to communicate at all. Do not place such a 'stumbling block' before the 'blind'. vedaal (sorry about breaking the thread :-(( posted from an area where i can't use thunderbird) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: trampCrypt family of CLI programs
On 8/1/2012 6:13 PM, ved...@nym.hush.com wrote: These users are *trusting* you with their sensitive information, but are *blind* as to the problems that may occur. It is far, far worse to communicate using encryption, expecting that privacy will be maintained, when unknown to the user, it may not be, than not to communicate at all. I would say that it may be far, far worse, but with that minor quibble I could not agree more. = By itself, GnuPG is useless. It may even be worse than useless. In the best case GnuPG can be an effective tool for ensuring the confidentiality and integrity of messages, but in the worst case it's just cryptographic fairy dust: people think that if they just do X followed by Y and Z, they will somehow magically be secure. Feynman warned against this thinking in science. He called it cargo-cult science, after the South Pacific islanders who built incredibly intricate religions based on imitating the forms of airplanes, airbases and other things they saw during World War Two. But no matter how accurate the bamboo mock-up of a DC-3 cargo plane is, without an understanding of Bernoulli's Principle, the Navier-Stokes equations, fluid dynamics, mechanical engineering, Newtonian mechanics and the like, you can't make a real DC-3 and your bamboo mock-up will remain something that *looks* like a DC-3 while missing absolutely everything that makes a real DC-3 what it is. Cargo-cult cryptography is the exact same thing, just done with software instead of bamboo. = What makes cargo-cult DC-3 airplanes safe is the fact they never get airborne. We know they are clearly, obviously, defective from the get-go, and so we never trust them. We might fool ourselves into thinking we're on the right track and next year's bamboo DC-3 will be able to take off to fly to John Frum [1] for sure, but this year's plane is just not working. Nobody really gets hurt. But cryptography is not like an airplane, where the fake stuff becomes evident very early on. Cryptography is more like an ejection seat. When you need it, it has to work right, the first time, even while the aircraft is on fire, breaking up, and about to explode... and even then, if you go into it without training, you'll probably be dead before you hit the ground. The popular understanding of an ejection seat -- pull the D-rings and enjoy the ride -- is completely wrong. Pilots have to train for ejection because there are so many things that can screw up. You have to get into the right position for ejection because otherwise you'll shatter your spinal column from the 35+ Gs of acceleration. And once you've ejected, with your vertebrae cracked and/or broken, you have to consider the possibility you may be on fire. (Seriously. You were sitting on top of a rocket motor inside an aircraft that was on fire and about to explode. You may be on fire.) What do you do then? Your shroud lines may get tangled. How do you untangle them? How do you untangle them with a broken spinal column and your boots on fire? You may be about to land in hostile territory, injured, and with an army hunting you. How do you hide and how do you evade? The purpose of training is not to give you rote tools. The purpose of training is to teach you how these rote tools work, how to use them in concert, when one tool is disadvised and another is strong, when two tools can be combined in creative ways, and so forth. It is to give you the ability to improvise highly effective solutions to the demands of a chaotic and ever-changing world. Pilots call their training training, and call their knowledge of how to use their training the Right Stuff. In communications security, knowing how to use training is called tradecraft. [2] = Whenever I hear someone say that GnuPG is too hard to use, well, I sympathize with them. GnuPG is very hard to use. It has a learning curve like the Matterhorn. I have no disagreement there. But when I hear people say they have a great idea that will allow people to keep secure against dedicated, serious adversaries while requiring very little training or knowledge on the part of the user, well... There is no replacement for tradecraft. There will never be a replacement for tradecraft. Tradecraft is always a hard skill to acquire. (I am a rank amateur, and I doubt many people on this list are better.) And you can rely on a dedicated, serious adversary having excellent tradecraft of their own. [1] http://en.wikipedia.org/wiki/John_Frum [2] http://en.wikipedia.org/wiki/Tradecraft ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users