Re: It's time for PGP to die.

2014-08-17 Thread Heinz Diehl
On 16.08.2014, Kristy Chambers wrote: 

 Sorry for that crap subject. I just want to leave this.
[]

The use of PGP/GPG depends entirely on the respective needs and
context. For me, it has been working perfectly for many years, and
thus, what's described in this article is a good example for theory
which doesn't affect practice. At least in my case.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: It's time for PGP to die.

2014-08-17 Thread da...@gbenet.com
On 17/08/14 08:57, Heinz Diehl wrote:
 On 16.08.2014, Kristy Chambers wrote: 
 
 Sorry for that crap subject. I just want to leave this.
 []
 
 The use of PGP/GPG depends entirely on the respective needs and
 context. For me, it has been working perfectly for many years, and
 thus, what's described in this article is a good example for theory
 which doesn't affect practice. At least in my case.
 
 
 

I've been using gnupg for many many years. I have 199 users in my key ring
and 99.99 per cent are untrusted. A fact that I for one do not mind. You
don't trust my key is from me - right? Trust is relative - you have all been
here for many many years - but I will not sign keys from you as trusted.

Leaving aside the issue of how popular encryption of mail is - we are faced
with the fact that 98 per cent of computer users are completely ignorant
about software and hardware. They just go into PC World and buy what they
like. There is No Microsoft pre-loaded security features built-in and so end
users have no idea about encrypting their emails - and no easy way to
instantly share keys between users. There is no automatic key generation at
the point of switching the computer on for the very first time and then
sharing your key with millions of other people.

Same with so-called smart phones and tablets - there is no automatic simple
key creation and automatic posting to a secure key server.

We make an effort - but I have very very few friends that I have had to
install gnupg on their computers - every one I know knows nothing about
computers. While we are concerned with our rights to private communication -
concerned with NSA GCHQ 99.99 per cent of the world's population while
having a general or non-existent idea of security have no idea of what they
should do. We fiddle while Rome burns.

After 20 odd years while there has been advances in cryptography and GUIs
there has been an almost zero growth in take up. No wonder Yahoo and Google
(who can not be trusted) are providing solutions to end users who are
completely ignorant. Can you imagine the horror of Microsoft entering the
market? That thought scares me to death.

But we have to face the fact that Microsoft has a hold on hard drive
manufacturers - in that they are all sold with a version of Windows on them.
What is required is that at first boot up of a computer an Iphone or an
Itablet whatever a programme needs to run that will install and create a set
of keys automatically. Your public key will automatically be sent to key
servers. If there are any bugs security holes - then updates should be
automatic.

Time to die? Well after 20 years I think it is all very academic -
professors sit in classrooms the world over - not much common sense comes
out of their mouths. The real issues are:

(a) do we want to implement our own security on our own devices as a geek or
(b) have some automated pre-installed software that will create all that's
necessary at first boot or
(c) rely on some large corporation to handle the encryption and decryption
for us

Will global encryption and decryption of all emails and their attachments be
fully automatic?

The implications for security and intelligence services are a real headache
but who cares!! Some countries do not allow encryption by law and those that
do will change their laws to have access to All private keys or face long
term jail sentences. All governments are against the people.

GNUpg would have a great future if the developers had greater vision. We are
in a very very tiny minority of people. So small we are insignificant. The
use of gpg will die out because we are ALL getting a bit long in the tooth.

Service providers will make their own solutions available simply as an added
end-user benefit but without any legal binding on their own security. We
know that the NSA and GCHQ would be horrified by the thought of every one in
the entire world encrypting their emails. They have a vested interest of
keeping it under their control.

The fact is 99.99 per cent of the world's population does not know gnupg
exists. Or GPG4WIN. Perhaps when we are all in our 90's we will say Oh gpg
was a good idea, pity it did not catch on.

David

-- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing
of the kind. Stern, sane, every brain-cell perfect and complete even at the
moment of death. No delusion.”
https://linuxcounter.net/user/512854.html - http://gbenet.com




Mail header encryption (was Re: It's time for PGP to die.)

2014-08-17 Thread Peter Lebbing
On 17/08/14 03:05, Garreau, Alexandre wrote:
 Well, afaik, there’s *no* MIME header which is required for delivery

However, in practice, MTA's, and specific configurations of MTA's, might depend
on headers in the mail:

- Spam filtering setups. Enough said.

- Microsoft Exchange[1] is not an RFC2822-based messaging system. When
interfacing through SMTP, POP3 or IMAP, messages are converted to and from 
X.400.

And then there is the problem of RFC 6409, Message Submission for Mail, which
specifies that the SMTP server receiving the message from the user (in other
terms, the MSA receiving the message from the MUA) /is/ allowed to alter the
message. I see a very nice example in the RFC which could be a problem with your
proposal:

 8.1. Add 'Sender'
 
 
 The MSA MAY add or replace the 'Sender' field, if the identity of the sender
 is known and this is not given in the 'From' field.
 
 The MSA MUST ensure that any address it places in a 'Sender' field is, in
 fact, a valid mail address.

And as a very specific example, I can't get my Exim server to interface to
Spamassassin without acting as an MSA to Spamassassin. This means it will
invariably add missing 'Date' and 'Message-ID' headers to any mail delivered to
me. This would not be a problem for what you're proposing; I'm just pointing out
that in practice, some unexpected issues might crop up.

 (maybe RFC says there is, but currently mail servers accepts mails with no
 headers at all)

The ones acting as MSA's will usually add them, though.

 Then things like the subject, the date, the message-id, the list of attached
 things, etc. would be protected.

The date is usually the same as the moment it is passing through the internet. A
monitoring adversary doesn't learn anything worthwhile.

The Message-ID by itself doesn't seem interesting to me. However, when combined
with the In-Reply-To and References headers, it can be very interesting.

 That makes less metadata, but it still leaks the more important: recipient
 and receiver.

Yes, it only solves minor issues but leaves the major one untouched.

Peter.

[1] I'm unsure if there are versions that are pure RFC2822. AFAIK, all Exchange
servers are prone to mangling your message, whether that's caused by X.400
conversions or not. Of course, Microsoft often knows better than RFC's, and
treats MUST NOT as purely optional.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: It's time for PGP to die.

2014-08-17 Thread Werner Koch
On Sun, 17 Aug 2014 01:08, r...@sixdemonbag.org said:

 this blogpost: OpenPGP can't protect your metadata, and that turns out
 to often be higher-value content than your emails themselves are.
 Further, exposed metadata is inherent to SMTP, which means this problem
 is going to be absolutely devilish to fix.

Right; this is an SMTP thing (RFC-821).  However SMTP is only for
transport and the content format RFC-822 defines a simple way to
encapsulate messages in other messages: Content-Type: message/rfc822.
Using this feature it is possible to keep the entire RFC-822 based mail
infrastructure while using a different transport mechanism.  This can be
done mostly transparently for existing applications using private or
corporate gateways.


Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




Re: It's time for PGP to die.

2014-08-17 Thread Peter Lebbing
On 17/08/14 11:57, Werner Koch wrote:
 Using this feature it is possible to keep the entire RFC-822 based mail
 infrastructure while using a different transport mechanism.  This can be
 done mostly transparently for existing applications using private or
 corporate gateways.

So basically what you're suggesting is:

- MUA's still work with RFC-822 based mail, with a sort of dummy envelope that
holds an encrypted MIME message/rfc822 inside with the real metadata. These
MUA's still talk IMAP and SMTP.

- We define a new transport; the message the MUA hands via SMTP is not sent on
with SMTP, but with a different transport that's not quite as leaky with
metadata. This transport ultimately delivers the message to a mailbox server
allowing access over IMAP for the MUA.

Did I interpret it correctly?

Regards,

Peter.

BTW: I still think hop-by-hop encryption with TLS, with the certificates
authenticated through something different than the CA system, goes a long way in
thwarting mass surveillance. For massive, passive data trawling surveillance, even
the CA system combined with ephemeral TLS keying might be enough, since it
requires a MITM to intercept TLS with a fake certificate. Ephemeral keys just to
be on the safe side :).

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter
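
The envelope scheme summarised in this message, together with the header-exposure points from the earlier "Mail header encryption" message, sketched as an added example that is not part of the thread or of GnuPG. All addresses, subjects and message IDs are constructed, and `placeholder_encrypt` is a stand-in that provides no confidentiality; a real setup would call an OpenPGP implementation and would normally use the PGP/MIME multipart/encrypted layout (RFC 3156).

```python
"""Added illustration: a dummy outer envelope around a protected
message/rfc822 entity that carries the real headers."""
import base64
from email import message_from_bytes, policy
from email.message import EmailMessage

DUMMY_SUBJECT = "Encrypted message"  # constructed placeholder


def placeholder_encrypt(data: bytes) -> bytes:
    # NOT encryption: a reversible stand-in so the example runs offline.
    # A real MUA or gateway would call an OpenPGP implementation here.
    return base64.b64encode(data)


def placeholder_decrypt(blob: bytes) -> bytes:
    return base64.b64decode(blob)


def build_inner() -> EmailMessage:
    """Constructed sample mail holding the metadata worth protecting."""
    msg = EmailMessage()
    msg["From"] = "alice@example.org"
    msg["To"] = "bob@example.net"
    msg["Subject"] = "Q3 merger terms"
    msg["Message-ID"] = "<real-2@example.org>"
    msg["In-Reply-To"] = "<real-1@example.net>"
    msg["References"] = "<real-1@example.net>"
    msg.set_content("The real body.\n")
    return msg


def wrap(inner: EmailMessage, encrypt) -> bytes:
    """Return the outer envelope an MUA would hand to its SMTP server."""
    carrier = EmailMessage()
    carrier.set_content(inner)  # yields Content-Type: message/rfc822
    outer = EmailMessage()
    # Sender and recipient stay visible: delivery needs them.
    outer["From"] = str(inner["From"])
    outer["To"] = str(inner["To"])
    outer["Subject"] = DUMMY_SUBJECT
    outer.set_content(encrypt(carrier.as_bytes()),
                      maintype="application", subtype="octet-stream")
    return outer.as_bytes()


def msa_submit(raw: bytes) -> bytes:
    """Simulate an MSA that adds missing Date and Message-ID headers."""
    msg = message_from_bytes(raw, policy=policy.default)
    if "Date" not in msg:
        msg["Date"] = "Sun, 17 Aug 2014 12:00:00 +0000"  # constructed
    if "Message-ID" not in msg:
        msg["Message-ID"] = "<msa-added-1@mail.example.org>"  # constructed
    return msg.as_bytes()


def observer_view(raw: bytes) -> dict:
    """Headers anyone relaying or monitoring the outer message can read."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {name: str(value) for name, value in msg.items()}


def unwrap(raw: bytes, decrypt) -> EmailMessage:
    """Recover the inner message, real headers included, at the recipient."""
    outer = message_from_bytes(raw, policy=policy.default)
    carrier = message_from_bytes(decrypt(outer.get_content()),
                                 policy=policy.default)
    if carrier.get_content_type() != "message/rfc822":
        raise ValueError("protected part is not message/rfc822")
    return carrier.get_payload(0)


if __name__ == "__main__":
    wire = msa_submit(wrap(build_inner(), placeholder_encrypt))
    print("visible on the wire:", observer_view(wire))
    inner = unwrap(wire, placeholder_decrypt)
    print("recovered:", inner["Subject"], inner["References"])
```

The headers added by the simulated MSA land on the outer envelope only, so the inner Message-ID, In-Reply-To and References survive unchanged, while From and To remain readable in transit.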



Re: It's time for PGP to die.

2014-08-17 Thread Heinz Diehl
On 17.08.2014, da...@gbenet.com wrote: 

 Leaving aside the issue of how popular encryption of mail is - we are faced
 with the fact that 98 per cent of computer users are completely ignorant
 about software and hardware. They just go into PC World and buy what they
 like.

Looking around where I live and work, nearly nobody is even able to
install Windows itself, and software installation is mainly done by
IT specialists. I agree that this phenomenon is caused at least
halfway by ignorance. How would these people ever be able to use GPG?
The answer is: they would if they would care - but they don't. I've
got nothing to hide, so why bother? (*). These people won't use GPG,
even if they were capable of doing so. Even in the light of the recent
spying on the privacy of the general public. I've got nothing to
hide, so I can be sure that they didn't do that to me. You won't change
those people's attitudes and perception - ever.

 We make an effort - but I have very very few friends that I have had to
 install gnupg on their computers - every one I know knows nothing about
 computers. While we are concerned with our rights to private communication -
 concerned with NSA GCHQ 99.99 per cent of the world's population while
 having a general or non-existent idea of security have no idea of what they
 should do. We fiddle while Rome burns.

I'm afraid this won't change.
 
 After 20 odd years while there has been advances in cryptography and GUIs
 there has been an almost zero growth in take up.

This is a global phenomenon wrt the information society. Knowledge as
a capacity for action has never worked. The know-do gap, failing in
getting evidence into action, is well documented (**).

 No wonder Yahoo and Google (who can not be trusted) are
 providing solutions to end users who are completely ignorant.

Giving the people what they want is a common marketing
strategy. This is not about security, it's all about binding the
customers.
 
 Time to die?

Not for me. Never. I appreciate being able to have at least a little
bit of privacy when communicating via the Internet. Even if the use of
GPG encrypted email is limited to 4-5 persons. It's worth every word
written, in every email.
 
 The implications for security and intelligence services are a real head ache
 but who cares!!

I also care about the personnel working for my uplink who are tempted
to snoop in other people's email.

 Some countries do not allow encryption by law and those that do will change
 their laws to have access to All private keys or face long term jail
 sentences.

They fear their own population, because they lie and
misbehave. Unfortunately, this is nothing new either.

 GNUpg would have a great future if the developers had greater vision. We are
 in a very very tiny minority of people. So small we are insignificant. The
 use of gpg will die out because we are ALL getting a bit long in the tooth.

It won't. At least not for me. We (= the people using it) have never
been more. I'm quite sure this won't change.

 Service providers will make their own solutions available simply as an added
 end-user benefit but without any legal binding on their own security. We
 know that the NSA and GCHQ would be horrified by the thought of every one in
 the entire world encrypting their emails.

Provider encryption is useless if you don't trust your provider. It's
like letting your private key get handled by somebody else who does
the decryption for you.

 The fact is 99.99 per cent of the world's population does not know gnupg
 exists. Or GPG4WIN. Perhaps when we are all in our 90's we will say Oh gpg
 was a good idea, pity it did not catch on.

And that's where the big providers like Go*gle and Yah*o step
in. Wonder why they exactly came on with that after Snowden (and
others) blew the whistle? Now, at least some are frightened they
could be a target for spying and surveillance, and the big providers
give them what they need...

Just my 5ø.


(*)  http://tinyurl.com/45xpmjr
(**) http://www.inco.hu/inco3/kozpont/cikk0h.htm




Re: Mail header encryption

2014-08-17 Thread Werner Koch
On Sun, 17 Aug 2014 11:41, pe...@digitalbrains.com said:

 - Microsoft Exchange[1] is not an RFC2822-based messaging system. When
 interfacing through SMTP, POP3 or IMAP, messages are converted to and from 
 X.400.

Fortunately they are on the way to replace that gradually by
RFC-x82[12].  Modern Exchange and Outlook versions (2010) can handle
plain RFC mail much better than older ones.  There is also an API to
access the raw mail which can be used to replace all hacks to send and
receive OpenPGP signed mails.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Michael Anders
I share most of Greene's arguments against PGP to a limited extent,
however, he seems strongly biased against it.
There are two points, in which I strongly disagree with Greene:

A) For me forward secrecy is not of utmost importance for asymmetric end
to end mail encryption. Your private key is compromised if your system
has been hacked (if you don't live in a police state where authorities
can force you to reveal it). Most likely the important private messages
will still reside on your system then, so they are leaked anyways in
this case. So there is limited gain by implementing forward secrecy. So
the complaint about lacking forward secrecy is exaggerated in my eyes.

Nevertheless, there do exist solutions for asynchronous message exchange
with forward secrecy and we need to have an eye on them and watch out
for new publications on these. At present IMHO they are awkwardly
difficult to implement and maintain and just keeping a watchful eye on
them seems perfectly reasonable today. 
Once a crisp and nicely implementable asynchronous protocol with forward
secrecy comes up, however, we should have it implemented
immediately. (The synchronous ones are easy, of course.)

B) A minor point.
Greene complains, that in PGP securing ciphers with a MAC is not
enforced in the standard. For an asymmetrically enciphered message IMHO
it does not make any sense whatsoever, to secure message authenticity
with a MAC. A correct MAC is proof that the message has not been altered
by someone not knowing the symmetric key. But knowledge of the symmetric
key doesn't prove anything since it is essentially a random number
selected by the unauthenticated sender. So a correct MAC in a RSA cipher
just proves that the sender is the sender - so what? (I know that many
people disagree with me on this point, yet I have never heard a
convincing argument for the MAC in an asymmetric cipher.)
If you want authenticity, you have to have the message or cipher be
digitally signed by the sender.
For me the criticism of PGP is clearly unfair regarding this second
aspect.

Regards,
  Michael Anders






Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Johan Wevers
On 17-08-2014 17:08, Michael Anders wrote:

 Your private key is compromised if your system
 has been hacked (if you don't live in a police state where authorities
 can force you to reveal it).

Unfortunately most of us do. Including the US, UK and the Dutch are
also pushing for such laws.

 Once a crisp and nicely implementable asynchronous protocol with forward
 secrecy comes up, however, we should have it implemented
 immediately. (The synchronous ones are easy, of course.)

Whispersystems has done a good job with Textsecure as far as I read the
opinions about it. In practice their application is very usable too,
except that MMS does not work in some circumstances (but who uses that
anyway in 2014?)

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: It's time for PGP to die.

2014-08-17 Thread MFPA

Hi


On Sunday 17 August 2014 at 10:41:27 AM, in
mid:53f078c7.2060...@gbenet.com, da...@gbenet.com wrote:




 I've been using gnupg for many many years. I have 199
 users in my key ring and 99.99 per cent are
 untrusted. A fact that I for one do not mind. You
 don't trust my key is from me - right? Trust is
 relative - you have all been here for many many years -
 but I will not sign keys from you as trusted.

I suspect that percentage is only slightly over-stated. (-;

For most of my communications, if the person has told me their email
address and it works, that's good enough for me. Use of GnuPG adds
encryption, and signing if we should want it. The Web of Trust adds
nothing in this usage case.



 Leaving aside the issue of how popular encryption of
 mail is - we are faced with the fact that 98 per cent
 of computer users are completely ignorant about
 software and hardware. They just go into PC World and
 buy what they like. There is No Microsoft pre-loaded
 security features built-in and so end users have no
 idea about encrypting their emails - and no easy way to
 instantly share keys between users. There is no
 automatic key generation at the point of switching the
 computer on for the very first time and then sharing
 your key with millions of other people.

Why would you want to automatically share your key with millions? You
would hope not to receive email from millions, and at first boot your
computer does not know your email address.



 Same with so-called smart phones and tablets - there is
 no automatic simple key creation and automatic
 posting to a secure key server.

If that did happen, whose control would the server be under? Would it
provide security or an illusion of security?



 After 20 odd years while there has been advances in
 cryptography and GUIs there has been an almost zero
 growth in take up. No wonder Yahoo and Google (who can
 not be trusted) are providing solutions to end users
 who are completely ignorant.

Is this mainly advertising hype, and there will still be limited
take-up?


 Can you imagine the horror
 of Microsoft entering the market? That thought scares
 me to death.

Wasn't that what you were advocating with automatic key generation at
the point of switching the computer on for the very first time?



 But we have to face the fact that Microsoft has a hold
 on hard drive manufacturers - in that they are all sold
 with a version of Windows on them. What is required
 is that at first boot up of a computer an Iphone or an
 Itablet whatever a programme needs to run that will
 install and create a set of keys automatically. Your
 public key will automatically be sent to key servers.

Why on earth would we want that?



 (a) do we want to implement our own security on our own
 devices as a geek or
 (b) have some automated pre-installed software that will
 create all that's necessary at first boot or
 (c) rely on some large corporation to handle the
 encryption and decryption for us

What's the difference between (b) and (c) for a Windows or Mac user?



-- 
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

Learning without thought is naught;
 thought without learning is dangerous.


Re: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 Leaving aside the issue of how popular encryption of mail is - we are
 faced with the fact that 98 per cent of computer users are completely
 ignorant about software and hardware.

Completely ignorant is an overstatement.  Few people today are
completely ignorant about software and hardware.  Most people do not
have the sort of knowledge about computers that I'd like, but... you
know what I realized a few weeks ago?

I was watching a janitor mop a floor... without leaving footprints in
anything.  It struck me because I mopped my kitchen floor recently and
wound up with soapy water all over my shoes and tracked it through some
of my apartment before I realized what I was doing.  I mean to go back
to that janitor sometime soon and ask him, hey, man, you look like you
know how to mop a floor correctly: what am I doing wrong?

The janitor probably doesn't know the minimum voltage to flip a
transistor (200mV, usually) and couldn't build an adder out of NAND
gates if his life depended on it.  I can't mop a floor without tracking
soapy water throughout my place.  Kind of puts in perspective which one
of us is the ignorant one, you know?

Saying most people today know very little about computers is true, and
it deserves to be said.  But let's be real careful about thinking we are
in any way better than other people.  We're not.

 There is No Microsoft pre-loaded security features built-in

Microsoft has a *ton* of security features built into their operating
systems.  Post-XP, Microsoft radically overhauled their kernel and
started enabling a ton of useful features.  DEP, ASLR, enabling some of
the cool security features of the x64 architecture...

In the XP and Win2K days, yes, Microsoft's security was a joke and it
deserved to be mocked.  It has not been that way for several years now.

 After 20 odd years while there has been advances in cryptography and
 GUIs there has been an almost zero growth in take up.

Considered reading any of the available peer-reviewed papers that have
explored why this is the case?

 But we have to face the fact that Microsoft has a hold on hard drive
 manufacturers - in that they are all sold with a version of Windows
 on them.

No, Microsoft doesn't.  Walk into a Best Buy, a Fry's Electronics, or
whatever store you choose, and it's *easy* to find hard drives that
aren't pre-loaded with Windows.

 GNUpg would have a great future if the developers had greater
 vision.

Then fork the source code and code up your own vision.

 The use of gpg will die out because we are ALL getting a bit long in
 the tooth.

So what?

If a new email cryptography standard comes out that's significantly
better than GnuPG, do you think Werner is going to sit around drinking
Tanqueray straight out of the bottle because nobody's using GnuPG
anymore?  I don't.  I think he'll cheerfully send GnuPG off into
maintenance, applaud the new standard, and volunteer to help with a free
implementation of the new standard.

If GnuPG dies out because nobody cares about privacy, I'm not going to
mourn the loss of GnuPG.  I'm going to mourn how nobody cares about
privacy any more.

GnuPG is useful and good only to the extent that it is a useful and good
thing for human beings.  *People* are the important thing.  The authors
hope GnuPG will help people.  But, by itself, GnuPG is ... really rather
pointless.

When (not if) GnuPG dies out, the only question will be, is this on
balance good for people?  If so, then let's be thankful GnuPG existed,
celebrate its passing, and cheerfully move on.

 Perhaps when we are all in our 90's we will say Oh gpg was a good
 idea, pity it did not catch on.

The good ideas in computer science are overwhelmingly rejected.  The
ones that endure are usually really bad ones.  Compare the Intel 80x86
architecture against *any* of its competitors, for instance.  x86
Assembler makes me bleed through my eyeballs and beg for the sweet sweet
release of death.  It isn't MIPS or PA-RISC or PowerPC or any of the
literally *dozens* of superior architectures I've worked with over the
years.  And yet, x86 won in the marketplace.

I think everyone on this list who has more than ten or so years of
experience in the industry will have their own tales of technological
woe.  Good technologies get rejected, and then ten years later they get
rediscovered and renewed.

Look at VMS and UNIX.  UNIX won the server wars of the '80s and early
'90s and completely crushed VMS... up until VMS came back as Windows NT.
 Now, VMS has won the desktop, where UNIX is completely dead... except
for how UNIX got re-resurrected a few years ago as OS X, and as the Mac
desktop it's making a strong showing.  Good technologies rarely win, but
they almost always get re-adopted later.  It's a cycle.  :)

(No, I'm not kidding regarding Windows NT/VMS.  The parallels between
them are *profound*.  The same guy, Cutler, designed both, and the
Windows desktops that most people use nowadays are direct descendants of
VMS!)


Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 Unfortunately most of us do. Including the US, UK and the Dutch are
 also pushing for such laws.

Speaking only for the U.S., this is not the case.

The United States Constitution protects an individual's right not to
testify against themselves.  If the production of a passphrase would
have any kind of testimonial value, then such production cannot be
ordered.  The only time production of a passphrase is permitted is when
it lacks any testimonial value.

Many people look at one particular case and say, hey, production was
required in that case, clearly the U.S. can compel you to produce!, or
production wasn't required in that case, clearly the U.S. can't compel
you to produce!  The reality is different.  You need to look at the
role the production serves.  Testimonial in nature?  Nope, forbidden.
Non-testimonial?  Yep, permitted.



Re: It's time for PGP to die.

2014-08-17 Thread MFPA

Hi


On Sunday 17 August 2014 at 10:14:51 PM, in
mid:53f11b4b.1040...@sixdemonbag.org, Robert J. Hansen wrote:


 I was watching a janitor mop a floor... without leaving
 footprints in anything.  It struck me because I mopped
 my kitchen floor recently and wound up with soapy water
 all over my shoes and tracked it through some of my
 apartment before I realized what I was doing.  I mean
 to go back to that janitor sometime soon and ask him,
 hey, man, you look like you know how to mop a floor
 correctly: what am I doing wrong?

To mop a floor (or, indeed, to concrete a floor) you start at the
opposite end to the door you will leave through and you work towards
the door, keeping off the bit you have already done.


-- 
Best regards

MFPA  mailto:2014-667rhzu3dc-lists-gro...@riseup.net

It is easy to propose impossible remedies.


Re: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
 To mop a floor (or, indeed, to concrete a floor) you start at the
 opposite end to the door you will leave through and you work towards
 the door, keeping off the bit you have already done.

Yes.  And somehow, I keep on getting soapy water on my shoes.

