Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-16 Thread Kevin J. McCarthy
Florian Lohoff wrote:
> In my wet dreams I'm encrypting every single message. But mutt is not very
> helpful in this. Yes - it can encrypt, but I'd like mutt to decide
> automatically when it's capable of encrypting the mail (remember
> multiple To:, Cc:, Bcc). It would be okay to encrypt a mail if I have a
> key for all recipients.

I've just sent a (6 part) patch to mutt-dev that implements this.  If
you're up for it, I'd appreciate people trying it out and providing
feedback.

http://marc.info/?l=mutt-dev&m=136340705622283&w=2

-Kevin



signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-09 Thread Chris Bannister
On Wed, Mar 06, 2013 at 09:37:46AM -0600, Dale Raby wrote:
> I sign most of my messages, even though I only know a few people who
> actively use GnuPG/PGP.  As I see it, this is one way of promoting
> encryption.  I.e.: "What is that block of gibberish you have at the end
> of your emails?"  "That, my friend, is my public key.  If you have the
> right software you can verify that I sent you that message, and we can
> even send encrypted emails that nobody else can read but us."
> "Really?!  Tell me more!"

Is it true that if you want to correspond with people on windoze who use
outhouse then it becomes tricky?

-- 
If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing. --- Malcolm X


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-09 Thread s. keeling
Incoming from Chris Bannister:
> 
> Is it true that if you want to correspond with people on windoze who
> use outhouse then it becomes tricky?

I.  Don't.  Care.  [about them].

However, it might present a good opportunity to mention Firefox (or
Opera) and Cygwin.  Yes, I am (seriously!) biased.  Ridiculously so
(at times).

Fneh.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Florian Lohoff

Hi,

On Thu, Feb 28, 2013 at 01:24:44PM -0600, Will Fiveash wrote:
> I have a couple of comments about this:
> 
> - Why sign most messages?  Unless the information is important for
>   others to verify that it came from a particular person why add the
>   bloat of a signature.  Beyond this I find it ironic that people sign
>   e-mail with a private key where its public key isn't found on a
>   standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.

The point is - if you have no policy on what to sign, anyone could make up a
message of yours and claim it wasn't signed. I can claim I have not sent
a single unsigned message since '98 or something, be it private or
work.

Signing a mail might be a good hint for HAM detection, but that's going too
far.

> - If one is concerned enough about allowing others to verify the
>   integrity of a message shouldn't this concern also extend to
>   attachments which are a classic attack vector?

In my wet dreams I'm encrypting every single message. But mutt is not very
helpful in this. Yes - it can encrypt, but I'd like mutt to decide
automatically when it's capable of encrypting the mail (remember
multiple To:, Cc:, Bcc). It would be okay to encrypt a mail if I have a
key for all recipients.

If not, a nice way would be if mutt split the mail into an encrypted one
for all recipients I have a key for, and an unencrypted one for all I
have no key for.

In times where all countries try to get hold of your communication data
it is best to try to encrypt all your communication - be it in transit
or stored.

It's all there: encrypted filesystems, be it truecrypt or dm-crypt; in
transit e.g. ssh, smtp with STARTTLS, imaps; and gnupg for your mails.

Signing a mail is a sign of - I'd like to get all mails encrypted - this
is the key I am using.

Flo
-- 
Florian Lohoff f...@zz.de


signature.asc
Description: Digital signature

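One way to implement the rule Florian asks for above (encrypt only when every To:, Cc: and Bcc: address has a usable public key) together with his "split" idea, as an added Python example that is not mutt's own code. It parses a constructed sample in the format of `gpg --with-colons --list-keys` rather than calling gpg, and all addresses, key IDs and hashes in it are made up.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample in the format of `gpg --with-colons --list-keys`.
# Field 2 of a pub/uid record is its validity: u/f/m usable, e expired,
# r revoked. Key IDs and hashes are placeholders, not real keys.
SAMPLE_KEYRING = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1356998400::::::scESC::::::
uid:u::::1356998400::HASH1::Alice Example <alice@example.org>::::::::::
pub:e:2048:1:BBBBBBBBBBBBBBBB:1293840000:1356998400:::::scESC::::::
uid:e::::1293840000::HASH2::Bob Expired <bob@example.org>::::::::::
pub:f:4096:1:CCCCCCCCCCCCCCCC:1356998400::::::scESC::::::
uid:f::::1356998400::HASH3::Carol Example <carol@example.net>::::::::::
uid:f::::1356998400::HASH4::Carol at work <carol@example.org>::::::::::
"""

USABLE = {"u", "f", "m"}  # ultimate, full, marginal validity

def usable_key_emails(colons_output):
    """Addresses with a usable public key, lower-cased. Only uid records whose
    own validity is usable count, so expired/revoked keys drop out."""
    addrs = set()
    for line in colons_output.splitlines():
        fields = line.split(":")
        if fields[0] == "uid" and fields[1] in USABLE:
            _, addr = getaddresses([fields[9]])[0]  # field 10: user id
            if addr:
                addrs.add(addr.lower())
    return addrs

def recipients(raw_message):
    """All To:, Cc: and Bcc: addresses of a draft, lower-cased and sorted."""
    msg = message_from_string(raw_message)
    hdrs = msg.get_all("to", []) + msg.get_all("cc", []) + msg.get_all("bcc", [])
    return sorted({addr.lower() for _, addr in getaddresses(hdrs) if addr})

def plan_encryption(raw_message, colons_output):
    """Return (encrypt_to_all, with_key, without_key): the 'key for every
    recipient' rule, plus the split into encryptable and cleartext copies."""
    keyed = usable_key_emails(colons_output)
    rcpts = recipients(raw_message)
    with_key = [r for r in rcpts if r in keyed]
    without_key = [r for r in rcpts if r not in keyed]
    return (bool(rcpts) and not without_key, with_key, without_key)

# Constructed draft: Bob's only key is expired, so the whole mail cannot be
# encrypted; a split would encrypt to Alice and Carol and send Bob cleartext.
SAMPLE_DRAFT = """\
From: me@example.org
To: Alice Example <Alice@example.org>, bob@example.org
Cc: carol@example.net
Subject: test

body
"""

if __name__ == "__main__":
    encrypt_all, yes, no = plan_encryption(SAMPLE_DRAFT, SAMPLE_KEYRING)
    print("encrypt to all recipients:", encrypt_all)
    print("have a usable key:", yes)
    print("no usable key:", no)
```

Hooking this into mutt (for example from a send-hook) is left to the reader; the decision logic is the part the thread is about.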

Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread s. keeling
Incoming from Florian Lohoff:
> 
> On Thu, Feb 28, 2013 at 01:24:44PM -0600, Will Fiveash wrote:
> > I have a couple of comments about this:
> > 
> > - Why sign most messages?  Unless the information is important for
> >   others to verify that it came from a particular person why add the
> >   bloat of a signature.  Beyond this I find it ironic that people sign

The bloat that a signed message carries is hardly bloat nowadays.
HTML mail is bloat; a text version followed by an HTML version, likely
followed with a legalese disclaimer .sig demanding you delete it if
it's not intended for you, plus multiple jpeg thumbnail attachments
...  Now that's bloat!  email should be text, full stop.

We used to think emacs was bloated, and compared to vi then, it was.
Now, we have TB-sized drives and GHz processors in pocket-sized
supercomputers.  Welcome to the 21st Century.

Signing an email with PGP/gnupg doesn't begin to reach the level of
bloat with what we have to work with now.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Dale Raby
I sign most of my messages, even though I only know a few people who
actively use GnuPG/PGP.  As I see it, this is one way of promoting
encryption.  I.e.: "What is that block of gibberish you have at the end
of your emails?"  "That, my friend, is my public key.  If you have the
right software you can verify that I sent you that message, and we can
even send encrypted emails that nobody else can read but us."
"Really?!  Tell me more!"

As things are now, all kinds of personal info is sent in the clear as if
it can't be read... it's like writing a love letter on the back of an old
style post card, and most people are oblivious to this fact.  I once
advised an attorney I was acquainted with to start using encryption.
His response was: "Don't encrypt anything, have nothing to hide in the
first place."  He is now serving what will probably be a life sentence
for conspiring to blow up his wife's car with her in it.  He says he is
innocent, and the circumstances of his trial are sketchy at best.  Key
evidence at his trial?  You guessed it, unencrypted emails.

All person-to-person email should be encrypted.  Even if you think you
have no secrets, you might be surprised what can be garnered from a
month or two of intercepted emails.  Hushmail type accounts are no
substitute since they are not really secure.

Even more fun... and more secure, is using steganography
(i.e.:Steghide/SteGUI) to embed a PGP encrypted message into a picture
of Aunt Sue at the beach.  (Paranoia can be fun!)

I see no problem in signing list posts.  For those who want to verify
them, it's easy to set up; those who don't can ignore them just as
easily.  It's not like you are printing them out and reading them from
paper, after all.

Dale

On 03/06/2013 02:46 AM, Florian Lohoff wrote:
> Signing a mail is a sign of - I'd like to get all mails encrypted -
> this is the key I am using. Flo




signature.asc
Description: OpenPGP digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Patrick Shanahan
* Dale Raby daler...@gmail.com [03-06-13 10:39]:
> [...]
> I see no problem in signing list posts.  For those who want to verify
> them, it's easy to set up; those who don't can ignore them just as
> easily.  It's not like you are printing them out and reading them from
> paper, after all.

Which is the same argument html posters use!  And those who find it
necessary to also pm the list-mail poster[s].

-- 
(paka)Patrick Shanahan   Plainfield, Indiana, USA  HOG # US1244711
http://wahoo.no-ip.orgPhoto Album: http://wahoo.no-ip.org/gallery2
http://en.opensuse.org   openSUSE Community Member
Registered Linux User #207535@ http://linuxcounter.net


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread s. keeling
Incoming from Dale Raby:
> encryption.  I.e.: "What is that block of gibberish you have at the end
> of your emails?"  "That, my friend, is my public key.  If you have the
> right software you can verify that I sent you that message, and we can
> even send encrypted emails that nobody else can read but us."
> "Really?!  Tell me more!"

I've had the same conversation with others in the past.

> His response was: "Don't encrypt anything, have nothing to hide in the
> first place."  He is now serving what will probably be a life sentence
> for conspiring to blow up his wife's car with her in it.  He says he is
> innocent, and the circumstances of his trial are sketchy at best.  Key
> evidence at his trial?  You guessed it, unencrypted emails.

The trouble is, we've all already got lots of stuff out there which
wasn't cryptoed, and once it's out there, it'll never disappear.  If
the above is true, then we're all always just teetering on the edge of
oblivion.

BTW, if he didn't rig his wife's car with a bomb, who did?


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Robert Holtzman
On Wed, Mar 06, 2013 at 09:37:46AM -0600, Dale Raby wrote:
> I sign most of my messages, even though I only know a few people who
> actively use GnuPG/PGP.  As I see it, this is one way of promoting
> encryption.  I.e.: "What is that block of gibberish you have at the end
> of your emails?"  "That, my friend, is my public key.  If you have the
> right software you can verify that I sent you that message, and we can
> even send encrypted emails that nobody else can read but us."
> "Really?!  Tell me more!"

> [snip]

You're dreaming. In my experience 99.9% of the replies are "why would I
want to?" or the classic stomach-turning "I have nothing to hide."

-- 
Bob Holtzman
If you think you're getting free lunch, 
check the price of the beer.
Key ID: 8D549279


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Will Fiveash
On Wed, Mar 06, 2013 at 03:22:47PM -0700, Robert Holtzman wrote:
> On Wed, Mar 06, 2013 at 09:37:46AM -0600, Dale Raby wrote:
> > I sign most of my messages, even though I only know a few people who
> > actively use GnuPG/PGP.  As I see it, this is one way of promoting
> > encryption.  I.e.: "What is that block of gibberish you have at the end
> > of your emails?"  "That, my friend, is my public key.  If you have the
> > right software you can verify that I sent you that message, and we can
> > even send encrypted emails that nobody else can read but us."
> > "Really?!  Tell me more!"
> 
> > [snip]
> 
> You're dreaming. In my experience 99.9% of the replies are "why would I
> want to?" or the classic stomach-turning "I have nothing to hide."

Or the fact it's a pain in the ass to set up, much less work at all with
gmail.  For many it's a classic cost vs benefit trade-off.  Beyond this,
I've been active in the Kerberos community for a long time and the
majority of krbdev mail list participants do not sign or encrypt e-mail
unless it is important, like a new release announcement or having a
discussion about a security bug which is expected to be encrypted.

As a side note, I wonder if a pgp/gpg signature as proof of authorship
has ever been tested in court?  My guess is no.

-- 
Will Fiveash


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread s. keeling
Incoming from Robert Holtzman:
> 
> You're dreaming. In my experience 99.9% of the replies are "why would I
> want to?"

That's when you get a chance to explain it.  Wouldn't it be neat if
you could order weed from your dealer via email?  :-O  As opposed to
over the phone with AT&T forwarding all your info to the feds ...


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread s. keeling
Incoming from Will Fiveash:
> 
> As a side note, I wonder if a pgp/gpg signature as proof of authorship
> has ever been tested in court?  My guess is no.

The legal community considers fax to be cutting edge reliable tech.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-06 Thread Jeremy Kitchen
On Wed, Mar 06, 2013 at 04:35:07PM -0700, s. keeling wrote:
> Incoming from Robert Holtzman:
> > 
> > You're dreaming. In my experience 99.9% of the replies are "why would I
> > want to?"
> 
> That's when you get a chance to explain it.  Wouldn't it be neat if
> you could order weed from your dealer via email?

I live in socal, I can do that without pgp :P

-Jeremy


pgp6XJj0gjOZv.pgp
Description: PGP signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-05 Thread Paul

On Thursday, 28 February, 2013 at 19:24:44 GMT, Will Fiveash wrote:

> - Why sign most messages?


I'd rather everyone/everything use PGP. I sign personal messages, even though I 
know the recipient doesn't use PGP, to at least spread awareness of what it is 
and that on the off-chance that the recipient does use PGP, we can communicate 
privately in future correspondence. I guess it's just habit that I don't sign 
messages to mailing lists.

--



Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-02 Thread Will Fiveash
On Fri, Mar 01, 2013 at 06:34:03PM -0800, Kevin J. McCarthy wrote:
> Will Fiveash wrote:
> > The why is that you are adding needless bloat to most messages you send.
> 
> One person's needless bloat is another's digital signature, I guess.

Yep, just like one salesperson's HTML format e-mail with a 150K GIF of
the company logo attached sent to an internal mail list is a reasonable
use of bandwidth and storage resources.  To be honest, the other day I
saw an e-mail to an internal mail list that consisted of two sentences
yet the thing was 266K.  This was a result of an attached logo image and
HTML formatted text.  Not what I'd call a good S/N ratio.  I suppose this
has me feeling grumpy about the subject.

> > Take for example the message you sent that I'm responding to.  Does
> > anyone care that it actually came from you and wasn't tampered with?  I
> > doubt it.
> 
> Mark cares.  I care too.  Perhaps you'll consider that your opinion on
> the appropriate use of signatures is just that.

Uhm, I never said I made the rules (whoever I am).  8^)

-- 
Will Fiveash


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-01 Thread Mark H. Wood
On Thu, Feb 28, 2013 at 01:24:44PM -0600, Will Fiveash wrote:
> On Thu, Feb 28, 2013 at 12:55:39PM +0100, Stefan Wimmer wrote:
> > Hi all,
> > 
> > I recently started to sign all my mails and it took me little time to find
> > out that you can't delete attachments in signed/encrypted mails ... ;-)
> > 
> > Now I want to automate the way I use crypt_autosign that mutt checks first
> > if there is an attachment and only signs the mail if that's not the case. I
> > was thinking along the lines of
> 
> I have a couple of comments about this:
> 
> - Why sign most messages?  Unless the information is important for
>   others to verify that it came from a particular person why add the
>   bloat of a signature.  Beyond this I find it ironic that people sign
>   e-mail with a private key where its public key isn't found on a
>   standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.

I sign all my messages so that I can say, "I sign all my messages.
Don't believe anything claiming to be from me if it is unsigned."

Sure, I could violate my own policy at any time, but... why?  Why put
my name on a message that I've repudiated in advance?

I look forward with pleasant anticipation but not much hope, to the
day when I can set maildrop to discard all unsigned mail before I see it.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
There's an app for that:  your browser


pgpBHei5LAxOF.pgp
Description: PGP signature


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-03-01 Thread Kevin J. McCarthy
Will Fiveash wrote:
> The why is that you are adding needless bloat to most messages you send.

One person's needless bloat is another's digital signature, I guess.

> Take for example the message you sent that I'm responding to.  Does
> anyone care that it actually came from you and wasn't tampered with?  I
> doubt it.

Mark cares.  I care too.  Perhaps you'll consider that your opinion on
the appropriate use of signatures is just that.

-Kevin


signature.asc
Description: Digital signature


Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-02-28 Thread Will Fiveash
On Thu, Feb 28, 2013 at 12:55:39PM +0100, Stefan Wimmer wrote:
> Hi all,
> 
> I recently started to sign all my mails and it took me little time to find
> out that you can't delete attachments in signed/encrypted mails ... ;-)
> 
> Now I want to automate the way I use crypt_autosign that mutt checks first
> if there is an attachment and only signs the mail if that's not the case. I
> was thinking along the lines of

I have a couple of comments about this:

- Why sign most messages?  Unless the information is important for
  others to verify that it came from a particular person why add the
  bloat of a signature.  Beyond this I find it ironic that people sign
  e-mail with a private key where its public key isn't found on a
  standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.

- If one is concerned enough about allowing others to verify the
  integrity of a message shouldn't this concern also extend to
  attachments which are a classic attack vector?

-- 
Will Fiveash


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-02-28 Thread Patrick Shanahan
* Will Fiveash will.five...@oracle.com [02-28-13 14:25]:
> [...]
> I have a couple of comments about this:
> 
> - Why sign most messages?  Unless the information is important for
>   others to verify that it came from a particular person why add the
>   bloat of a signature.  Beyond this I find it ironic that people sign
>   e-mail with a private key where its public key isn't found on a
>   standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.
> 
> - If one is concerned enough about allowing others to verify the
>   integrity of a message shouldn't this concern also extend to
>   attachments which are a classic attack vector?

I believe it is *mostly* for show.  I can so I will, see me.

Your questions/statement are spot on.

And some may not know how to sign one message and not another.
-- 
(paka)Patrick Shanahan   Plainfield, Indiana, USA  HOG # US1244711
http://wahoo.no-ip.orgPhoto Album: http://wahoo.no-ip.org/gallery2
http://en.opensuse.org   openSUSE Community Member
Registered Linux User #207535@ http://linuxcounter.net


Re: Why sign every message? (was Re: Sending attachments without crypt_autosign

2013-02-28 Thread s. keeling
Incoming from Will Fiveash:
> On Thu, Feb 28, 2013 at 12:55:39PM +0100, Stefan Wimmer wrote:
> > 
> > I recently started to sign all my mails and it took me little time
> > to find out that you can't delete attachments in signed/encrypted
> > mails ... ;-)
> > 
> > Now I want to automate the way I use crypt_autosign that mutt
> > checks first if there is an attachment and only signs the mail if
> > that's not the case. I was thinking along the lines of
> 
> I have a couple of comments about this:
> 
> - Why sign most messages?  Unless the information is important for
>   others to verify that it came from a particular person why add the
>   bloat of a signature.  Beyond this I find it ironic that people sign
>   e-mail with a private key where its public key isn't found on a
>   standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.

Until recently, I thought the same.  My $0.02; it's a political
statement, it's me reacting to what appears to me to be rampant
fascism.  I rejoiced when Spain buried Franco, yet it appears many
countries have chosen Oligopoly/Plutocracy/Fascism behind our backs.

This's just me saying no.  :-P

> - If one is concerned enough about allowing others to verify the
>   integrity of a message shouldn't this concern also extend to
>   attachments which are a classic attack vector?

See the mutt manual for auto_view.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -


signature.asc
Description: Digital signature