Re: Malformed Revokation Certificate?
On 2012-08-08 2:20 AM, Peter Lebbing wrote: On 07/08/12 15:18, Jay Litwyn wrote: I submitted this revokation certificate to a couple of servers and they said it was malformed, and I had trouble guessing how to generate anything different. So, I imported the revokation certificate, exported the whole key, and submitted that. It worked. Now, I haven't ever revoked a key, but I wouldn't be surprised if this is how it is supposed to work. After all, the revocation certificate is just a special type of signature. You don't upload signatures to a keyserver, you upload keys with signatures to a keyserver. The keyserver then merges in all the signatures it has on that key. As long as the signature names what it signs, I do not see why a revokation certificate should not work on its own. It does when I import a revokation certificate to my own key. gpg (GnuPG) 1.2.2 Copyright (C) 2003 Free Software Foundation, Inc. That's old. Like, really old. Why do you use such an old version? I had trouble finding a binary of anything more recent, and I had trouble configuring the 2.x version that I installed with enigmail to use pgp2 and support IDEA. In fact, I've forgotten where the configuration file for 2.x is, and it still is not configured with IDEA support. A lot more keys are on my keyring for v2.0.17. As for PGP 2.6.3, I believe the idea (IDEA? :) is that if you really still want to use that, you have to be prepared for some struggles to get all sides communicating. That's the price you pay. Peter. I have trouble enough getting any correspondent to use cryptography when they should be using it. OH...I was going to revoke _this_ key, and because gpg 2.0.17 skips v.3 signatures, I still will. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Malformed Revokation Certificate?
I submitted this revokation certificate to a couple of servers and they said it was malformed, and I had trouble guessing how to generate anything different. So, I imported the revokation certificate, exported the whole key, and submitted that. It worked. Thanks to the availability of PGP 2.6.3i, I am now the proud user of a public key that has my name and my email addresses on different packets, and for which the encryption key and the signing key are identical. Thanks to the availability of PGP 10.x, a photo is on my public key. GPG won't put photos on PGP 2.x keys. It can. No matter what the relevant Request For Comments (RFC) says, it can. It makes the key unimportable by PGP 2.6.3i, and the key servers have it. I have a hybrid key. The key servers can also import public keys designed for SSL and S/MIME. PGP 10 will export them. GPG won't import them, though -- something about invalid user ids. It says the same thing about the public key for a time stamper (invalid user id). Maybe GPG should be more tolerant. Sigh. The public key I want to use is already on my GnuPG public and private key rings. When the signature on this e-mail failed, I went in to the GUI key management, and found that I am using a different version on the CLI. We are _losing_ features, here. Maybe it'll import into version 2.x if I delete the photo. gpg (GnuPG) 1.2.2 Copyright (C) 2003 Free Software Foundation, Inc. -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.2.2 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp mQCNA1Ag9S8qxgEEAKtpjDbYEVXw1dgl1AdvNvehHjNaelMxl31k6wKIUlXRQoaA UgK5r+CIOa4HNtMYB43JaUa9p23sodfwg+OMrmg3VahSYg+Sz9v2fWJSNDfdIKmk n7/cDs6nA4MDItvKEF1f1xBAYIhUBGhnPD2EYWlvwVdKjq2QGMpO5M0l1VNFAAUR tApKYXkgTGl0d3luiPUEEAECAF8FAlAg9t4bFAAAEQABa2V5LXVzYWdlQHBn cC5jb22PMBSAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29t cGdwbWltZQUbAAUeAQAKCRDKTuTNJdVTRZIzA/4pc/72hGw/eD55UwUs VY06fc7UHe2ys7+91IIslJZj0x0HyakV8H7rAhSgO+NzouBKMl9mMEgDY+d6hBbS kz1I1D1vYrrK/rU2crPNXxDhNaksmnsFK6CboCHZJJwYiiwY869vyxG8iPMQm0vz jvKBY5RZCzS6/uwYQBpqf8KpELQhPGJyZXdoYWhhQGZyZWVuZXQuZWRtb250b24u YWIuY2E+iPUEEAECAF8FAlAg9t4bFAAAEQABa2V5LXVzYWdlQHBncC5jb22P MBSAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29tcGdwbWlt ZQUbAQUeAQAKCRDKTuTNJdVTRXFyA/9A0HGM5IM90lelCBV15vi+I2pX bf+AxstXI3tbhUQk6GlCaK0l6lRB3M3ZmjLCcXOxgkisVdjusTh5ceEudLxQD7qp Ux5UAzFtj14uxraWS91VhbsGrkqZ3Lmw0Ujlg8Wyb38M5UG0Hf/E9U4YvX+O5RCL GQtd0kZ0i8wChjvPL7QUPGJyZXdoYWhhQGVjbi5hYi5jYT6I9QQQAQIAXwUCUCD2 3hsUAAARAAFrZXktdXNhZ2VAcGdwLmNvbY8wFIAAIAAHcHJlZmVycmVk LWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3BtaW1lBRsBBR4BAAoJEMpO 5M0l1VNF/UkEAIqRsrTQeh4wmhiYs2dMOWPx+bnbSl6EdRdhg99HH0WKsDSHk6Lg vrymbX8Hk7PMn1ogHJYZq4UaXF6utRMhgFFLg+ysfoC6qbE8dz/mY+LqoxL0vCAl ZYJCR5sQxv0FGh9K7tLMOEOpn5RgFiEp37K14xf4UukkV9BkmpzbRmcYtEooNzgw KSA0NzItNzgyNyAoaHR0cDovL2Vjbi5hYi5jYS9+YnJld2hhaGEvZ3BnL0tleXBy aW50X0Jpb21ldHJpYy5tcDMucGdwKYj1BBABAgBfBQJQIPbeGxQAABEAAWtl eS11c2FnZUBwZ3AuY29tjzAUgAAgAAdwcmVmZXJyZWQtZW1haWwtZW5jb2Rp bmdAcGdwLmNvbXBncG1pbWUFGwEFHgEACgkQyk7kzSXVU0WE7gQAl7b9 UJU/YvYE3jseRIiRDJcbfQlMIzEccGAj2RT2AApjZMJwf163w89xSuc5lh0KWUBA 1g36L5AIlTvRmGKfYCVGie1JfTtTeSrEYsNQRH6b5lvHfOrFLQbWIkfxXxcl1hDC xP0ke+16mQg8aPGr/mNpPLckpuPmJLViOzrN0gq0EzxicmV3aGFoYUBlZG1jLm5l dD6I9QQQAQIAXwUCUCD23hsUAAARAAFrZXktdXNhZ2VAcGdwLmNvbY8wFIAA IAAHcHJlZmVycmVkLWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3BtaW1lBRsB BR4BAAoJEMpO5M0l1VNFkqwD/1bUpA3dI44hs0eayV7NmOoi8tHpjv9Q m8HfAQYKRtJkSKSL6ZGXgRFpG3IjDe+TFUbLC884VaXXM8RNrWEs9F39GputUpgp ozENInuXQFiXmGpa/BoEyN3XJI9F1DDJGn9nTFHAI9Eqcq/+w8qdNmjMZjZJKeZi Kp0rKsXGliZu0c24/wAADnMBEAABAQAAAP/Y/+AAEEpGSUYAAQEA AAEAAQAA/9sAQwAKBwcIBwYKCAgICwoKCw4YEA4NDQ4dFRYRGCMfJSQiHyIhJis3 LyYpNCkhIjBBMTQ5Oz4+PiUuRElDPEg3PT47/9sAQwEKCwsODQ4cEBAcOygiKDs7 Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7 /8AAEQgAkAB4AwEiAAIRAQMRAf/EAB8AAAEFAQEBAQEBAAABAgMEBQYH CAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZGh CCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RVVldY WVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1 tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8B AAMBAQEBAQEBAQEBAgMEBQYHCAkKC//EALURAAIBAgQEAwQHBQQEAAEC dwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1LwFWJy0QoWJDThJfEXGBka JicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoKDhIWG h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ 2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8AqxrxUgWiMVIF4rjAaFpS OKdikLKuckCmAKKCQuSewqncanBbN8zevOOKyLnW5HIhjjKsOMjvRYaVzSudajtI ySN204IB5FU5PExIQxjqcsKzzp2p38nmR2zBW7vhQfzpT4T1aM7o40PcYanZFqD7 HR2et2lzEv7xQ56rVlrmPAIYYNcbcaZqFtCGmtGGOpUZx+VMtr94WxI5kXphuoqG uw+XudsHDjINKRXP21/IQGU/Ke+avw6huxvpXFyl8imEUgnDDNKGDUCsIRxRTiOK KBCRipgMCo4xUV3crAmO5Ga0JIdS1KOwjAVd7nkLnFc/datcykhguGPAU/5zSalJ JPPvBOe2O1a/hvQWZhdTqXdj+6B7e/1qkikiHSfD13f7XuWaGI9IyPmP+Fdhp/hq
Malformed Revokation Certificate?
-BEGIN PGP MESSAGE- Version: GnuPG v1.2.2 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp owGleUms9Gx2VjeBRa5yBYIFrQjU1ZBW/lZ1f+Wh7Cq30gvb5alctst2eQxK43me 7bLLitghhigSihIRiTFCWQXEAoSElBULkAJBiBCxYAOiJSRYIGWLQLx17/f3//dA SENJ99atW6/Pe87znOec89p/7fXHvvDFL/6W/J3f/urv6swX/8FX/5L/E1GdJZWX lR/GZbx+5Us/K2yGya+ycYzCzZhmw6aP7k3hjVlTb4KoH7M4C7wx2ozNxtsEzdSW 0aaJN0PU36N+2Hj187LosRm8LNxk42b2hk3llXHTV1H49c3ry3OFsEk9sK5vJh9c nkzRMGR1skmb+Wk3ieqof+7h1Q/gAvgizOI46qN6/LDRm6+Dy7Oqbfp3F6P/g4df 30TL5xbNaQO2KqLH1998/HyQHjArAE+bvojCD68vry+31KuL4enL81LvDvDx/KzM xscz1it33SAf8A9o9nTFqzb102+wsAUBhZsJYPFc5m1aEF4WPDd92wUEDbB4bGqv it6cAH9HT+w3Xhj2AINo2IAYvhvspvWCIhqHd48BgiCILEjftorqoH+0bzE/zX+E fTNkSf0E7O1/fbTJQmAHwFF+2PzfY4KhD8vXn26nDViVvTkDXPwsig8b7soBnOqf Br5N4/vCt2XvkCzPRcMbmIFXf9jIDaAegPx0HIT/zlUZ3T0QmxZ1gPZxw4Kw6Kaq gJ/D5hONpb8GUucBYs4+GgHGKq8A0Dwvf8Y11e/se8/c8R/fQ8enODzXfZqSqXcH QIxvxArvn7xN+vB7kKDPoN4J/95rwM4brxyaj4n2OQyGTRg9UY7eGdH1y9um+k4S JObDRxw3c1aWH/Pv6U/1eeQ+mnz+++vgdzMl6eYb39gMTRW9Z7vnNwDcrL57ZfYx nbLwHdYnNO9EP3Po88vf8u+zfHv65m3GDKwaRq9qgY1Pvs/i1z5sJO/hR2+uDcCP MtyAT1XTP9VdAgnW76DpWZI+8+d7NhCAsgGNIFGAuWeyeGUfeeHjY9Jw9QSsflz/ BKjts/tT089re+A2iMdKo/q7WeuNE9i3qd+LTvSNN13E4NezaoDNnnrI6k/TlzOE N0uVV3tJ9EyeT0Uy1e+Sflfm9FZXvM9p6knvUzXN+9b0RQCORG9i+XbZPJd/exNH b96AJEzBRZ/ClI0/DUj9yF5WA08+tfXM/CwGO4Ygu5+18QnVUxtv8CVtsvnkDY+v beAPyAfk9YVu2kcPUB03n4B8RyAI3bB9FIHiFo/z0xX2GcdbSQPB18GbnW88XxTD CfJbll0N6iLQG5FxNtRFocW3r19fzHefvvmRgfvbjptPJBCYhSJfe+79JrZvbtJx bL+520VB/cHzPwTe7i/4fQSEmno74PJOjB6As3r8NpU9M7PPgg9Vi35ok/bpTKXS MgmTCaEfuyVhGFIc2/zkO4xpz3CYlDAZ3uV7lPK57EWltJQoXOCzKBilramNR76+ GImI9VtaULw9L4+SQ+3Rs2d4RIugQxPGc7JVpL5KUNNLdSfZ6itxR2LrrMunOBTE qnh9qQ+74DTgNbmXTsJ4FxkWjuGFIh0hNSgura8nhHGs8j6boZh3iMpJrYJJUAmb MkuShvb6MpKt6NhFcuNKKETLKbsaIBSGJtkjS5YgunHvg6VvL0YlKQ8xsYttro4V lipP1a8vAY3lPoJcJUp/X0aTJIVSD9dyy6A+ly4Nl77Ftv7zvZLvLldOLkTNLkpO DkKMwAIXzr5Vjq5q+O8mjIhU3/4Qae0k3qabfA7Nm+YKK7nbt8HugKTcvItOGGbM xgAodyA8Dg4GHyGP4bAlYEEYyrObQwvEP7zCPPKHnkz1RNnKazNRolQSlcQkJ2cb 4inl668vxQoL8Am+O30v7noDCfqrbC+nVPaKoaoHVsRpv6F593yenSybnSNO3B8L d8yuklpB9/X1Jb+LlINpLr3q+G6aHZVqu/gotsxFTa/c+eHaYeNYaapyLsDGnFxb nVxLG30Eg3xkP72+OJYAEGG2PyoHnzLw+vL/ysGnDLy+vHGg/j4c2OyD3BEkxHMS JkgEVEYlTZkwds+2AtLary9+vCWXYbQFdPRTQy1wrqQ9ESrxUqNQCXWr/EIHtrIk RTaYYT4NtxQLImYKL4t6OnRAW8aCGeTKjjm8n5bes3QCNlN/4Pqic9FLNUNGXiZH 6+GjRwkzOIiPdwxh7J27vVUwjb68vnDqGEKFC2XHmU7z+/VyUI3v5cDM/QxLnQzL nRsuEKqqkqpA2rNBG/QJ1Cc0HYyPkGskyfauXYyhLacuYpJPtC4ARd85zqzwvgi8 8QEPkK7MR1CZQJsXyxyB9gbw/sS48Cys/owtGGBPjZ4Fl5Q2UE8LlLan3m01Zwbo 9PXlU6XujIIhhU4b+psapfu5SjNnQEJJsa7L1q99vcSZUAvThCB4HrLE4aTzBX5J Xl/u/aPy7SNfHK5SDTcJf3bcbm94NotPoyalCcteku1jiBsa73zmGK67ytleuma5 QHeaLEE+OGdawwZ1uUMslxLiYbxICqO0NaYlbMa06EGE90u8N6aiMAmqqNrV16rA GZmmkddkfn0RdRKSV2EEnx7yg2w8XoOCU3O/IJ/jQCe2DsjTEElTj2PuAJv6Ao1l ZFMPMC9bGGRD5xagVob8uXUe2BicpOnJg+jkMEWRFJlQMaWeVeHqR9zynrgkxZCk NYIoIh2GA4StXeOznM9X0kje14G3cAasVa4NcsRSR9eCU8+awfuTKw3kpF+Fn/Fu AxY5uPUtg+Vm5mmB5RPmXXhJoT6KQ7HqtmlAFnNIVLI8+ATI6rOxc+4Og+ZDpAmZ djoHfqyWkrAyQcCROaLdEJJsc1c6zzGMo/ORWPQpwMoUEi2DAv0CTlD8gpFCebtr FSfGDm1yWQSf49t4i/SecQZZ1Xjcx8o7Hys9e1F9SyjixV6CEk5P9OvLcoWKaAvj lZocvSvX7yq5vV6Cop2u1fliZsray1DSQcy6ZAAP1OPYxjGo0uXg/FJhAMnw9INq +VG08vryw9Tyo2jl3cL3q+VTrRTdfNrBvtGSaCjs9+kARd7DPMiV0mTHkW/zO6GC 3n3kY1J1RG08F7qoX3CXsxONbTlUyE/R9sYa/oU+HvemZ9vSUZN7ixkIFiU4MPMb b/2/WRlZqCdbZTO74lpvRzXMQ0bts0Cw8Ol05mqivrE8KRBMF3S77XzsQrnKJTd3 z2LkZkAXLdSLg82VmTtBAbLfzSR5qqVnzlIfK+9nr+vO2W1B9WdaTjccklSZNyTB WrByRwykOpMiNQcCNTsiTSYCPTciPe8dhtzLJ3UfspqjcbQUn3U14x9Ces4GFNSo h9PKdJEKOUVJNxVT1v32mhmTxpSnK5Og19v+8G6dAdYGBVgKGIoMlEeSiafh8Pqi rMPh/+fn9WV3fHa1hCxIak/OTAayQyNVSSNBVSep47PnsSBe6u3nsxdQvMRQqsOD eY4sRHoHVl8MgIZAkbNEU6TEUqr6FCUVq6CXzgA81dCFG0tRqaw5apAFmvpIXC4F FmiZHgLGNEZ+Pp/kLGiEM506NkcV3ll3apEuOvlkIKCGYUohM5rh8jpTigasmWYZ Oq8vlgmUy4EKgqStV8tQaLtoxJd4stfZtImEzOn0AtPNso2cyu2yBtfLtouazuvA xKLDYBLro/3k9/R8vLHLEAuPoNch4mbCY+wgYZ/up2uBRX6NK3V3jC8rcbURYpdj 2/sbTm+6kKjvIqUyP4DU53DS3nBKwKIZ6OwNJwbUh3B+W61RpJFKqqOrJsM7NnMT cpGiKY0uPG6Z1SKX4MvMWucHpDbW+XRLzzHzhtXryxlgJ+oNLOfBXrm1J40xOQ1K z3opG6bp2hZbeg6iAeWHjWe1a8ibSIimWNSIp1SwuNeXdJ+ds1a8lWfLKrHMrTox b0WravGs7XpxHS8WMh4ybBoup0WyueWYnx/j5QbLtgUTufv6gkyXHFPsCtvmLX7/ HqQ8kpxPQDM088yw05Hsln4xEiuTTIHd9znpsS2YBhUxzIqLOAUFXZGiSKuTHs1d Dc7ElC8f1+iuKOLjUlsYL6R5Lg6KlN81xzNXfQq9fBReXx66jEB7gcJYA7syi6Au eRcM4rq2SIse60pDVso63FM1Xtvb/gZ70qHZQ9fA8WqX7U5AF7yGRCNSrsz9sKgY 3ptlX11JwXHkwA88t2NHmqtGjlNaw122pjT2xN5aBKyw23RqOoDkNG/tKRz4Uy7I omZfEXgnqJwBzjVb7z7j6bTcWzDOlcesYoykPp1kkTsZ9CBoi3bLFBHUKIrWsjaR 6Ga/GCYa9GSlYJwHnYVQh0VlzkkzPNTFpWaDHTisBY8iTSbuSho7bNW98gzy4Xq9 U0qEKLC3S++q5abhrbPDfItTh2gHd0VWZLwen2A0PtiT5XECITyu1XXLhmm7SzuA 5NAsmMSvDhYQ8Sp7Ze4uTWOcKN4QpfqIw0yS54abuR3ntQgitfIltztht912hVJT N3D8lDlpN9OwNRQ6ho0zdVu59rwwJyISy/mCoQG2tW+soGhcvDw8LLfuNNuGZSvs kazc3UHfzHmMyO3oNseEtCfuVsfAA7tLBaKUXWQcvHPbG8d8OlyNkC3FtePHLDqz nLa9AnZ9wGY00ZFH0Pee40JL28/4IDkCvtvDGNZb2b2BYYwYC6TnT5cdKR134AwC HXApMy5ec0fK3evLEYGnuPGgfZseW+px2oLJng2WCYES4B08WvIyJfmlPuNu54pL
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-29 6:03 PM, MFPA wrote: Hi On Thursday 28 July 2011 at 4:22:52 PM, in mid:4e317ecc.1060...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Do not sign my photo until you see me in person, OK, fair enough. If the key has WoT signatures from people I trust to have such a policy. But in the case of the OP's key with only self-signatures, the inclusion of a photo would do nothing to reassure me. I was just looking at the pgp global directory signing key (the machine that signed my key). About twenty revokation certificates are on it, including p...@mit.edu although it would be tricky to fake photo-id production on skype. Photo-id doesn't make very good single frames, but change the angle on television and those chrome things flicker and move... OK, use a TV projector and point your webcam at the screen. I do not hav a webcam, and I do not know why you want me to create feedback. A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... That is what a signed mp3 in my comment is about, Signed with the key, and somebody who knows you could recognise your voice if they play the file. Arguably, Mallory could make recordings of your voice and use them to create such a file and sign it with their fake key. Not if she wants any coherence in the tune; not that there is a lot, mind you: It was straight a-cappella. All you can ever do is make a man in the middle attack harder. Live conversation makes it harder. and just in case you do not follow links in message source [comments] very often... Like almost never. (-; http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp (I will never call it a thumbprint or a fingerprint; key hash) Why not? Using the standard term of Fingerprint rather than Keyprint_Biometric might lead more people to understand what the file was likely to be. The picture of a thumb in PGP bugs me. PGP also features a list of words, instead of hexadecimal. It calls *that* a biometric print; not unless you voice it somewhere, and it won't work with GPG, which would need the same dictionary. Additionally, you can do a reverse lookup on my phone number I could possibly pay somebody with law enforcement connections to do that. A link is from my phone number on my web site: http://ecn.ab.ca/~brewhaha/ to my snail address if you want. In 1990, if I wanted to do a reverse lookup, I could go to the library. There they had about nine square metres dedicated to phone books in North America (I think that's where they drew the line, anyway). My library also had a reverse directory for Edmonton. By 1996, they were doing the same thing with a computer and disks; much less space, many more search options. Today, I do not hav to go anywhere, my white pages are useless for looking up businesses, and reverse lookup (for this country) iz at: http://www.canada411.ca/ (under other search options) and at least see if I am lying about my given and family names, according to a corporation that my library used to verify my identity. Assuming the phone is billed to you personally, and that you gave your real name when setting up the service. They required my social security number. Nobody is perfect. I am nobody. Therefore, I am perfect. Why would anyone go to such lengths to impersonate me electronically? I once had a library check on my phone number, by getting out the phone book and finding my surname and address and comparing the number listed to the one I gave them. (That was when I was in my teens and lived with my parents, so the initial would not have matched my first name.) My bottom line is that photos and phone numbers do not hurt. Depends on the user's privacy requirements and threat model. Enerjize, said Kirk, then a pink drummer bunny appeared. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjNqyx47apzXdID2AQGDHwP/Uw+KB6+65nB97iWBgKNAKKS7Fzk5JJ7T PRT5UMShSI+dVOjCSUdxBuiHKVicj6tG+z+vvxbYX01hhX+YZEAZrY15Km0iJ1/0 Qs4SQf1EdvmxASiJoeufy3+KnjlW9fhaXZWi81GQv62fgXZp+4XeQc5A229noWQe 7WT2QNg2Qbw= =Zmq1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- In my entry on a related thread, I was thinking that one of the simpler ways to foil attacks on bank cards would be to make a smart card play dumb and accept any old pin (symmetric encryption key for a private key). That would (almost) force attackers to communicate with a bank on every trial, except there *might* be a way for attackers to get the public key for a pair off a card. Since attackers can't read the private key (at least not without frying or bridging key bits), they can't tell that it iz no longer based upon probable primes. The bank would come up with no such ID, or BAD signature, and they might be watching for a lot of noise like that. Now, I am thinking that for a card to reveal its public key more than once might actually be a weakness, however interoperable. A bank card does only hav to communicate with one other entity, so I am not sure that this can't be done with symmetric keys throughout. The other way iz to introduce increasing delays for bad PINs. I like my first impulse better, though, forcing attackers to actually use a badly decrypted private key to communicate with a bank. ___ That boy so horny, even the Crack of Dawn ain't safe! -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjFBYx47apzXdID2AQFP8wP/eT5sYDOjdgVRbuHOdbc8JkJ/1wG/d6nQ oW1SvdtXQjTnVDNEpcLop11ibTVqiCkddQTWXazso9B1CPwPAGIA+z6ipfFCYCBm DGp09oEZw9BO52Qhb09GwL+ykXxlgHUcx70rTNDlXM/GlusodQEPbkyFCQ+Dow3p +YffVJbfyyU= =Rs2c -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-27 8:25 PM, Len Cooley wrote: Well, let me ask you this. Is it useful/useless/ridiculous/orwhat to attach your public key as a sig at the end of an email, such as below? It depends on the environment of your receiver. Would they be subject to seeing your signature replaced? Do any policies concern the use of cryptography at their workplace or domicile, say in jail or in a country where Blackberry crypto is an issue (India, if I remember correctly)? Do they live in a country that accepted U.S. export restrictions on cryptography (probably Russia)? Is your recipient a public figure (about whom there might be motivation to pull a Murdoch) or an ex convict (about whom there might still be search warrants)? In any of the rejions where cryptography is controlled, it is a better idea (than simply sending a public key with no signatures on it other than yours) to be creative with the hash on your public key; perhaps telephone verification, perhaps you can personally meet someone on the web of trust. While the Physics of public key cryptography are air tight, it depends on signatures on your public key to become robust in the real world. I suspect that you are more likely to get those if you release your key on servers, and sign a lot of stuff that people consider important. Attaching a photo to your public key might help. So might putting a phone number on your public key. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjFNvx47apzXdID2AQEWCQQAkWqfrRfQYixNinxHY96rEawOrCcsRcHF aQDSq0knmwOXRggiQFLkb4iixFKV49hnbfbseDVHRv5cefdldJFuyetGhCruINQj yPesb3cNkyvnCBD8yN4YPkmPfGnDu+9EEaYyRqUSUu18S9q944Gm/m6t2q8LlLXh 9ogBDYNJfio= =FbUF -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 8:01 AM, MFPA wrote: Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... Do not sign my photo until you see me in person, although it would be tricky to fake photo-id production on skype. Photo-id doesn't make very good single frames, but change the angle on television and those chrome things flicker and move... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... That is what a signed mp3 in my comment is about, and just in case you do not follow links in message source [comments] very often... http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp (I will never call it a thumbprint or a fingerprint; key hash) Kleopatra won't handle that file...says no data, and gpg will handle it on a command line, making an mp3 out of it. Additionally, you can do a reverse lookup on my phone number and at least see if I am lying about my given and family names, according to a corporation that my library used to verify my identity. My bottom line is that photos and phone numbers do not hurt. ___ Quantum Mechanics do it on fields and in time. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjF+yR47apzXdID2AQFtwAP+Lqb7pQJzmkX8rS+vE6zR0VzEZGAFfhre fIC8Y87nms0oZqm3R/524et8uofveIi87qvVZZ+zdY64oku/bgqqnM0kQQhKUHEj pjMwuNE6APiOsNRDiDeEEgx5OPZSk+/THVlKI0JPOAvjEuv/ThAT9aQMm/RBrlyG e2xgTNyjM18= =2bpK -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 10:08 AM, Melvin Carvalho wrote: On 28 July 2011 16:01, MFPA expires2...@ymail.com wrote: Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... It's now possible to put a photo, phone number etc on your home page, and also put your public key there. That's what I do. For this I use my OpenPGP key together with some HTML5. The only reason I am not using HTML5, yet, iz because it requires knowing CSS to set link, vlink, and alink colours. What you are talking about only requires HTML 3.2 (which haz been a standard for ten years, and even now there is a portion of internet traffic from I.E.6.), which supports colour in body tags, while HTML5 does not; yet another standard that is not backward compatible. Not recognizing a public key from stamper is being not backward compatible. A signed photo means a *bit more* than photos on facebook. A signed phone number means a *bit more* than a link to your phone company. That is especially true when three identifiers are linked to the same key, separately, so that you don't need to know all four (voice, name, face, and e-mail address), and so that you can let other people confirm only what they've experienced, az in perhaps they should not feel qualified to sign my given and family names, yet they're confident of my e-mail address. In my case, that iz likely, because I yuuz only screen names on USENET. The bit more is potential for privacy, and insulation against identity theft. Someone could simply copy your web site and change a few things to steal your identity, at least until you found out and complained to their ISP. That's why void appears in my public key. Neither PGP 10, nor gpg were going to allow me to leave my given and family names blank; separate, and yet _linked_ elements of identification. It's quite a new system, but supported by the W3C and on it's way to becoming a standard. For more info see the video at: http://webid.info/ Like I said, it is more authentic and therefore more useful when pieces of your identity are linked in dijital signatures. It would be a bit tricky to do that with HTML. You could do it with PDF, because there iz a standard for signatures (and probably compound signatures) on PDF. There isn't one for HTML, AFAIK, that doesn't require s/mime or some complicated and little-used piece of HTTPS or HTTPD. ___ Line for Darth Vader in Star Wars to sanitize: (Exhale, Inhale) Luke, you are my bastard! -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjGnFR47apzXdID2AQEoCwP9EVxC4OeoqZ4wIQvKHwMRezh8ytLQYEo9 pTfbjuE3zwqzge+Aj9U2OjgKSfWq3GFYmQ59QBMNUtaGT2pVP1n3RIFsuYEr+1XY cem6oL0cyMT8X0e198J7sy9bC//TD8NaEkPOW5p1D8YzeFuKOSc2LeHuyCjnU4Ox I+9YK8TtA2s= =q4aO -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 10:08 AM, Melvin Carvalho wrote: (...) It's quite a new system, but supported by the W3C and on it's way to becoming a standard. For more info see the video at: http://webid.info/ (...) paypal and your bank are unlikely subscribers to this potential standard. You will notice that neither one allows your browzer to store a password for them. They also time out; expire logins. That's how concerned they are with authenticity; not even someone else from your home. I do not really see how an open login system can *increase* security. However much you use the math, if you are effectively logged into all of the servers you ever used at once, then the openness of your computer (say if it is on, and you head out for soda without logging out) is an authenticity threat. You do not want to explain someone else's actions to admins on wikipedia: You will be lucky if they believe you. ___ I found JESUS! He was in my trunk when I got back from Tijuana. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjHF1x47apzXdID2AQEUNwP/f7/Gwidil0/kuJ+lX4Bc2U9KJe010M+Z NOCWsanisa0D0lzkjZOslnN5t4+UQ+g075RXXpQEQBA/asPhk9gFRiXvn6uA9mRs vTAWWd0xTdHWrR0/hJSyQo7pWqBbREG+n6sDLONh/7qbgbTNXZqjNUvWdAAvuKP9 x+cViAeOWNI= =96R6 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 6:05 PM, Crypto Stick wrote: At the moment, my secret key is stored on my hard drive and is encrypted by a long passphrase. When I transfer my subkeys to the smartcard, will they actually be encrypted whilst they're on there? The very purpose of smartcards is to keep secret keys confidential and secure. This is achieved by physical protection, different layers, puzzling structure etc. This makes it very, very difficult to extract the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I guess the price tag would be around 100.000 Euros. The beauty is that this protection can be provided without the burden for the user to remember a long passphrase, since this is not required to encrypt the keys. You could use random symmetric encryption keys and encrypt them with a short passphrase: Decryption would be two steps. Or, you could disable the command for exporting a private key; import only. Iz GPG in ROM on this card, then? ___ Xerox and Wurlitzer will merj to market reproductive organs. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjI/Eh47apzXdID2AQGM4wP7BD/N5ki544ekkJGuu20qYpqjJhdKmNn2 tQqxY0JYH82SnevQOrRPNfOI+pqM2EuemppItfYbuAG0iI2KqE/aa2Ax/wUL++EA QLy3xuKU8VzxXrSyBm1hqr0FgbA29uxSp/CwHE+TNdgVDEn6aqmq5lZdn+OSqfpR FXIXoYC/0Dc= =icAi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can version 1.4.11 be configured to use IDEA?
-BEGIN PGP SIGNED MESSAGE- On 2011-07-20 4:31 AM, Richard wrote: Hello, On Tue, Jul 19, 2011 at 03:57, Robert J. Hansen r...@sixdemonbag.org wrote: Is there some particular reason why you send messages in an obfuscated format? how is that working anyway? Apparently GPG automatically decrypted those messages for me. How were they generated? What is that? :) gpg --sign message.txt notepad message.txt.asc Clear message answer. Cut and paste message.txt.asc into answer of message. It is a compressed, ascii-armoured, and signed message. It handles long lines without pgp/mime (which currently doesn't work for me), and it survives whitespace corruption such as what you might get from cutting and pasting a message from an archive. gpg -sa message.txt does the same thing. Notice the omitted Teh that would make it a - --clearsign . Thanks, Richard The soldier who survived mustard gas and pepper spray is now a seasoned veteran. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTidMIB47apzXdID2AQGXXgQApO37rCwoMqDBLaEKkItg1a+Jig4kBl3E 84/60lhu1d/txujQ+hm9uqbm1i1eTQ3UIktkgRojr6zB2J32Cdsef74UgK0758di YUho5JeC6Gq/PFV0KN84RWVyujgbOe9I2GgmISUcVqLrWiCAa0/K2qZ5mGG3feM/ ChdOsRfHSpU= =ibHH -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: secring and dropbox
-BEGIN PGP SIGNED MESSAGE- On 2011-07-20 9:39 AM, Aaron Toponce wrote: On Wed, Jul 20, 2011 at 11:23:12AM +0200, Werner Koch wrote: On Wed, 20 Jul 2011 03:25, r...@sixdemonbag.org said: I'm presenting the script here in case someone else finds it useful, but really, it's embarrassingly simple. Never let simple embarass you. For me, it is key. For someone else, it might be poetry. For someone simpler than you, it might be obfuscation. :) gpg --gen-random --armor 1 16 Might even be a bit simpler ;-) Ah, cool. However, as the gpg(1) manual states, --gen-random removes precious entropy from your system. I took that for a joke. Someone should put a ;-) in the doc. It might be worth adding to that note, that regenerating entropy isn't that big of a deal. Something along the lines of: $ du / /dev/null Should be sufficient, by causing a lot of disk interrupts. Just a thought. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o Discarded Acronyms: Wake On Packet: WOP. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTidU5h47apzXdID2AQEDSQP+NnCN5QjVC67P3Z/H+BnWSO57bHkx9zCn YM8fTJ7walAQAZ0ESfw/fxpKL+9WFertddO6YXOyWMnODIRX8bRf1pvIyFBnJc6C /vGcVEP4WPZJF+Gf9C16zD4MgT1pp0o94UQgsLcSvISB0KFFv9vQZ/RgEDwzSftg 7aVa6y3Hsu8= =UwN+ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: secring and dropbox
-BEGIN PGP MESSAGE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp owF9Vl1oHFUUThpb6eJSfa7oKYJJcH8msWmTWFISH9otplaptPVF7s7c3bnJzNzp vXey2bZo37QIolKhSBUR/KEovvRFxBeh9lUQf6AgaB8VXwTpW/3OnZ20VTAksDv3 3HO+853vfJM36xNj28YfeWrt8k/u/N/jn+/c0b2/n/dbbtMdnUzGn81oNpiZaQb7 m7MBzQSLc3O0vNqgZWF0Rsd1rrNQ0sBoJxfrtSVC/AkZNehIkeBiw18m4SjYt7h3 fvHJ4NgqPRHMBkGDg49Io1NJK6JI76RYWqLluEGh1kmLDuuB3JCmQcKSiyUB2dTM NKUiK0RSBlsnnLQNajb7MmsakUU6JSNTvSFtGZEbGSpdWJKZMzofUg9laagLQ3Zo nUxbHMd/tFI41BFu0iKFSJKhr5prlbkWdXp8iQYicz7YIlvWp1HJSDjR8Jf9xzIi 1kUSUSw2JMWqH1cIWluFqic+PJMyQp8azYMWj9Li0yCWRqI/Ui3ZanjgZfYt8Ezm KSZB93C3MFYC7WRKmXYkTL9QgOmrKfzabNJ5+rvAYAQaNL7LSIdFCjjCKYw29Mi7 klJtJEcDU55IJxtkizDmgRhpnTZbuSt2Rc9JBkhyMxaF5WwjjEt0ggM7kxH1VBb5 1ARqJWfiPMrSIB5yhz566oQ0mTTTFMbaSjqNmSs3pASS8MOnmVaZMdLcAUL8kcX3 g/68Y2mWekWSVOAgJNQNaA24qCgnd3BEIBMWFsYrRXS1HxAAodGBTJIGkCn0jZEO WFdlz//lradNec8OlEO88sGJCNe5wXKcgsXkaFBR3JWZ7KlQiYSve+og+qHOsFmx psJKWykf4rBS+jwkokhxTb8JFMskJ1YKyK7XjvI2UTokq/qZcAUYpi4kvU6AFXNz eT9vpyqVkEJXhhiUpONxkUXSdJWJeBSpjlRvyLCRx8lNV40WKuK0tnpestqhUEBa DPfu5FbjRKR4zJnQBjWtYIixc/liuy3DrCW6rVC0XwZAkBOLNqLaOU+nlWd9ju3Q GjiCWGVEM7R3b0BBEFB3iM2nqfkg2NyHr88fWpn27cFGfJ1mppvCQGX3mgN8DBk4 wVJZxIgBlxAJsEYq4i3hNIQBYFCe8ExjgSH3vhFpvQZeemCarU9lJJXfIRzlkAj2 gzvmPFi/ei3XkJqoTr0+RnlHIRCQp9SXdAPdoGoe3MSAnQ/682PAInrZdSpnkZno JpCgsuuUS4PksMYQYVhf3ivrZYuIAfYNwv1XOi9ibufe61TdhnlIPsBTCDyBS5UF I98G/JGgUwsJQlwSeo3g90HgBbiMQxcbUAdPAj8pQXSjGtSO5Ea7nEa95jVHq/hm xDpqKxMKzjOH+YK4hD0W7bJn5UZ3UX+4xdDWrYFQbgQLu5M5WyoPtIrQFd7JR8Ul r5xDd6R6INIIZWVUr51sVhRFxcjTmIfqbXEP4nptRWNWo5GyP4CmImOHxJ5ZBYYa YFdkitXrJ5az9qUDo2QTvAlgl5u5yJg77HS9xqKeoZm5hUrU1ZoyjC3lTXtqDxkx tKFI7joYYegl7PEZdQGvXhsR36LlO4F86gFVejSyl8jQwaX8C6ry2CJTTBZogzic UXhXgLiKgKxIuxh8OWh4Ab8ZKLeyiHS1ZGVItbbsaiPl+hc9VuB/DWBVR3yNXx2x Q8FYnAFzbIpcTSXC3GkJKF4a/TCaWDMxghUp2Y4hL25aABG3ApNKc8glSXDvmE4U 5M4qT7T2Do3XEcum9drl+8bGt43t2L6N/w0aq+18sPof6avDE7dPvv0L3fz6ypV3 j37b7l/9bWHHR53Tv168tkffHF794OlTV9yF+asPv3jrr9sT1y5ef+zjYwdWvnv/ 1YXXW3tunNt57o0vz17/7Kzb9fPC9gfOvPdQ8db57Tcmxi/c+t1+Ee66dmD3/P7u peHx+cf3b6698meSP/PpJx8+f+GdP3ZP3X7hm+8vPfpc54cf/wE= =f4bV -END PGP MESSAGE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Where are those stubs..
On 2011-07-20 6:38 PM, Robert Holtzman wrote: On Wed, Jul 20, 2011 at 11:56:54AM -0400, Jerry wrote: On Wed, 20 Jul 2011 15:43:06 +0100 da...@gbenet.com articulated: ..snip Most people have Microsoft on their desktop or laptop without any choice. They do not have the freedom of choice. Most people like my girlfriend just switch on their laptop or desktop and use it without any knowledge that there are alternatives. Absolutely, F**ken Bulls**t. You always have a choice. The truth of the matter is that your girlfriend, or any other individual for that matter, choose an OS that they can actually just turn on and have it work without spending days attempting to get simple things like wireless, printers, etcetera operational. Hell, I use FreeBSD as a hobbyist OS on two machines and it doesn't even support the wireless N protocol after over 5 years. The list goes on and on. People tend to use what works best for them. Even more so, they use what works best in their environment. Never worked for a company that dictated what software everyone used, did you? ..snip.. What you are really trying to enforce is the concept of socialism. What has preferring to do business with ethical companies got to do with socialism or any form of government? You don't hate Microsoft, or any other corporation specifically. You are using this pseudo business practice scenario as a smoke screen to cover up the fact that you are really an anti-capitalist. I'm surprised you didn't invoke the Liberal Agenda. You want software to be free. I have no problem with that as long as it does not deprive an individual of his due compensation. You usually get what you pay for. You just alienated the entire FOSS community. Time, trouble, or tickets; you'll get what's paid for. http://ecn.ab.ca/~brewhaha/Sound/Desserts.mp3 (It's not finished. Vocals in it are straight a-cappella.) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can version 1.4.11 be configured to use IDEA?
Looks like the answer to my question iz: Not legally. I was thinking that IDEA was more than ten years old, which I thot meant that the patent on it was expired. Silly me, though, looks like patent law changed for about seven more years of length. So, while I'm waiting for six months or whatever, I might az well change the password (and encryption algo) on my private key with gpg 1.2.2., and then migrate to 1.4.11. Hopefully, I can use the same key with PDF. Kuz, if not, then I *do* know how to convert PDF keys (S/MIME) to PGP format, and I want only one key for everything. I revoked a subkey before I realized that people need it to encrypt messages to me. ___ http://ecn.ab.ca/~brewhaha/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can version 1.4.11 be configured to use IDEA?
-BEGIN PGP SIGNED MESSAGE- To make a long story short. I created a key with jenuine pgp 10. I exported it with IDEA. I made gpg 1.2.2 work with IDEA. Making gpg 1.4.11 work with IDEA failed. I changed my pass-phrase using --crypt-algo CAST5 with 1.2.2. Now, enigmail works, so I am one happy camper. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTiVGbB47apzXdID2AQHQJAP+Mqmqu/58FHIT5os2t+B29Lgz+KFI8ctz i2j/iB3GCwZT7GNEhj8QF1scc3nO/gPdkGChAReLpuX6Oe0OJiOSl5Yl0Q1jmP0R zfcHkQeiRRhR4ZigjEkWpVMOWVQ0fZc/jeDlG5sGshS56Hdjh19iaNmi8u/PVne6 BTehLUUEqlg= =mqIE -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: secring and dropbox
On 2011-07-19 6:18 PM, Kara wrote: Reference Robert J. Hansen's 19 Jul 2011, 1504 (-0700), Re: secring and dropbox: Is it a bad idea to place your secring in dropbox? Depends entirely on the strength of your passphrase. With a strong enough passphrase you could publish your secret certificates in the newspaper of your choice and still be confident of their safety. Using a decent password generator and specifying a mix of upper and lower case letters, digits, and special characters, how many total characters -- as a minimum -- would you recommend such a password be? Any particular password generator program you would recommend? Your brain. You hav to remember it, so you are better off constructing it in the first place. Remember that you will hav no automated retrieval process, where a friendly program reminds you of your passphrase. It iz almost a shame that the most retrievable things are sentences with non-sensical images in them, like Harry Lorayne's pimple-moose for pomplemouse, the french word for grapefruit: He would hav you imajin a moose with giant grapefruit pimples to remember that french word. You can then insert punctuation and numbers that don't go on facebook, anywhere, cut some of words down to initials or consonants (or out, if it's long enough). Then, add a pattern in your casing. There could be a program like crack applied to input passwords, measuring strength. Of course, if you are confident that your private key ring will never go anywhere, and that you can revoke it if it does (JENERATE A REVOKATION CERTIFICATE. Store it on that USB key that is chained into your coat.) It would of course be a nuisance to hav someone publish your revokation certificate, and nothing like losing money at Mark Twain Bank. If your friends are good enough, then you can leave a revokation certificate with them. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Can version 1.4.11 be configured to use IDEA?
-BEGIN PGP MESSAGE- Version: GnuPG v1.2.2 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp owGbwMvMwMQoZ50153pJwzfGtYyTk7jTC9JLi1OL9EoqSvxU+rL8ixRS8hU8FfJS U1MUSvIVgHIKZalFxZn5eQqGeiZ6lvZAyeLEcoVEhdzU4uLE9FSQqpKMVIXUtLTU 5BIgM7EEolKhPDMnB2xAZkpqol5KTo6eQnC+QlpikQ7QjIzEMoWk1NQ8hdK8xKQc sCnJ+XlpmemlRalg/YaGMPvB2hVCMjKLFYAoUSEtMy9VoTw1Jzk/NxXZFSB/FCvk pykEuAdA3JEINCs3M70osSQzLx2kJDUvMz03MTNHIS2/COzq4ozU1CKFgvxyIAnU CXRCGVBNal5yqkJiXopCWk5qRWZSZk5mSaWCRnJ+aUEOMFjKM0sywJrTEmEehpub kp9arJCXX6KQm5+SmVYJd15xfmlRcqqmFS9XtKdfmKOPp4uCs2eAh2uQgr+fQkCQ Z5hjiKuCt2ukXmwnw1RmVgZQXMAjimnxMuZ/VhNaJq84N6P4ys3oaUd19W1PzHYT aTYWif+9rTY/+O2B5+/2GH5oLWqaJtyx6MBB/onbDT7uNv+/3/rjkff35gdciMsI TZDm43J3EjHfZFujczfTLKJwy7fQTwkx396p1rP5VV/jZa/brnX6wqKN89l9xOLY Fj2a1p3v9ZvJLXRNbcyVa5+zAQ== =arjT -END PGP MESSAGE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can version 1.4.11 be configured to use IDEA?
-BEGIN PGP MESSAGE- Version: GnuPG v1.2.2 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp owGdVU2IHEUUTrLGnyUDOQlGlGcSSJb09Ez3TDabVhZndyaTibM7w86uy0oS6Omu 6S7T3dVUV2+nIWggsuIhIAkiUS/ecvEigoIgiAej3uLBnBQEDzEgXowGc/BV9f5E RaIOQ/9UvffVe9/73uvXS2Pbdmx/8ukX3/lGnL+9/b2HouEuL/bShPCaLs6K+f3X H+hFYFYNo1w9UjamoG4ZNejPaXCC+XYEy2SV8AQyzgSxSuPTgNbGlLSVPmDWrPph tLVz6FKR5dGWJf6noQOCU+KC8G2hwwxxbDwaVxMWEkFDkoB8x4hgxFmIZgQcFoZ2 5EJAI6IpkDDHxWhEvZTbgrJIbQEntptYyiBgtlsmZwWJErntWCe9KI29k9Qltu4G QRGKAJeRJDogIGP8jAaYWQR0hNGEbFUFoctjQDB5YpwOwaWcOILx3IKOwkgEDQLw iIC9NFq1A+qCQ2Of8L3r8fOcRp5EcInD81hIJJZFEHO6agsCZ0iuK6SGyvAM0cAn +VOadJHJM7xw8NIcMp9hinGA7GkQMYgZjQTQBGgENiTUi2yRcqLAMip8TIITyTPW x5yCIRUJpkglngWD443Dhll4I78x0jgMSOEnyTd0UzcLLmdxOxWEH0jAsSVZiiaH pXg6BmmenqzLEAKSJMVp5umaCQlB6txEL+ouRbJMI5dlCeQsBd9GftEZgbdolhLI MDoi4dCKg48rSLkGVEgQl8QEMQErKqnZAJR6lFUufKWwgJy1HRHkmJ+u0imX140k TOJvhJH51PG3AqCKzjTBihVxl8al88F2lPbbEwUnpfFZFuecer6Ag7MT2CjVGhzj hMCAjURmYwTHkBpX6VKDTuQg1KKPuDFnHrdDKWdUuWK6MTPodZcWW90VmO/BcmNh oTG/uLLhgP+RBE7WgTWQXSDjlqdkJJBIkkWOJCXYVkMsk6IKz0fROIQLm8pSRS6V 4SAZA0IUdyOK1Z7t9Vc6820YMY7com0g61UaP464FjZNRTVNaXyQxjHjArvWDjzG MfJQ9lk/HaJ6LVgYNDR5KbeK20CDVrct35pyB5+RNNUU2DXNFi7Vmi00mm0MFnFU zHR7y8c6g+MaNOQqXoyjprqbhyc1WFzuyV2Myk58C+aa6ILqNfCsTr811zQmq2oB jWVtwpijEDFZC5aUsuWr7JgXOn28dDszMsM/F9bUq7pxBF9jr54hYaZu6NWJ0nhA h17RtIZe1yf/Xnqcd/crfZc6OIQItPvd1dohC9rzS/J5U7Q1QPIDnAQcnvGFiK2K ZF1n3KsEhWtS8eJA90UYTP+DMKxNUahlVISDfegRpZe/iEOJS/VYcq/mNueNGpoC YsJDKmTJhzmGl92ji1mr0mROGqJZok4YECGwZZJKL4sIrzRinFFOMZebtrD/i4pQ K0o1W4L5H1KR5nOtbrfTwLmHHwxY/22uSp+NFyWb+0tL3WtTdW19chbrZv3fSQ4j x2dTcvjatjfGdm6TX9nNb/COxxfGfn/wlS/Xrnx14lK9fO6tXQ9f/e2Td1uPXj9x bc/unS99/OrdU5+fu7G2Z/fRRyaev8mCQT79/tjVt3/6ds+l+nPVO7dr+2/tm3/z 3Iqz9umSe/fXHe9dfOy7q7cufrj8/Y1Wf+fazxeub9+7m104//WhuSfq+65d/qU9 9XLjsx+1L+5cOfXsRfrR5Q9u/vAH =f5VZ -END PGP MESSAGE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users