Re[2]: PGP signing question.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 */Reply Sunday, May 28, 2000, 2:05:08 AM, you wrote: NA -BEGIN PGP SIGNED MESSAGE- NA Hash: SHA1 NA On Saturday, May 27, 2000, 4:52:37 PM, Christian Dysthe wrote: CD U.why is that? Isn't PGP..eh..PGP? I mean isn't a 1024 key just as CD secure implemented in The Bat! as used from an external application? I am CD not expert, maybe I have missed something? NA Well, for one thing, I don't believe the internal implementation allows NA for use of anything other than RSA Keys. The question then remains: Which NA algorithms are stronger... RSA or DH/DSS? In practise, RSA Keys seem to be NA more vulnerable, and the reasons can be found here: RSA old style keys are much more vulnerable. I've got a v.usefull screensaver that brute force crack 512 bit RSA keys overnight :-) External PGP is free and simple and can be used to digitally sign everything. Or encrypt strange files g. From Jamie [EMAIL PROTECTED] 22:00:16 30 May 2000 //Insert comment here Windows 98 4.10 Build 1998 The Bat 1.44 - -- Jamiemailto:[EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: PGP 6.0.2i Comment: Jamie Dainton - [EMAIL PROTECTED] iQA/AwUBOTQsPvwQejftkdBIEQI5yQCeNtZEmy4OjDM/vKFIjR20934XNcMAn38L uPRrcIJy5bsaHdk3I0r+yS8k =aDK3 -END PGP SIGNATURE- -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
Hello phil, On Sun, 28 May 2000 11:28:16 -0700 GMT your local time, which was Monday, May 29, 2000, 1:28:16 AM (GMT+0700) my local time, phil wrote: Greetings Nick! I look at it this way If they say they aren't--they ARE. If they say it isn't--it IS. If they say they don't--they DO. If they say it's the truth--it's a LIE. How many more examples do you need. LOL Nick, you know my opinion on this subject but it isnt something one should discusss to noisily on public places as you havent got any idea which servers scan and which donot And certain keywords stick a bit out... Best regards, tracer -- Using theBAT 1.44 with Windows 98 mail to : [EMAIL PROTECTED] I am using FireTalk: 321338 ICQ: on request Website: www.phuketcomputers.com Our special website hosting/mailservers are now operational -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, May 27, 2000, 8:38:53 PM, Gary wrote: p Technically if you want to get down and say that, then I've always p heard that the older the version of pgp (ie. 2.x) are harder to p crack than the newer windows versions. I can't remember where I p heard that though, I've always believed it. There are arguments for and against Open Source Software as being more secure than Closed Source Software. The relevant arguments can be read here: http://www.securityfocus.com/commentary/19 http://www.technocrat.net/955986079/index_html Personally, I believe Open Source Software has the "potential" to be more secure, but there is also value in security through obscurity. :o) G This is because the older versions have the open source code readily G available for inspection to see if there has been any tampering via G checksums, both the US and International versions. The new versions - G well, the source code has not been available, as far as I can tell. I know source code is available for 6.5.1, and perhaps even 6.5.2, but beyond that I'm not sure. Again, I don't see the value in using something along the lines of 5.X vintage when Open Source exists for 6.5.1, and that is only _if_ OSS is important to you... because the latest freeware version is 6.5.3 Nick -BEGIN PGP SIGNATURE- Version: PGP 6.5.3 Comment: Digitally signed to allow for authentication by recipient. iQA/AwUBOTC3S8UChHR7o/3OEQLjFACg/ENANUloXDFwTBdCiJMDyax72YkAnRJX thSowOggDeDd5RfyzoI6mE9Z =dh4C -END PGP SIGNATURE- -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
-BEGIN PGP SIGNED MESSAGE- Servus Nick, Am 28.05.2000 so gegen 08:06 meintest Du: Personally, I believe Open Source Software has the "potential" to be more secure, but there is also value in security through obscurity. :o) But you remember the discussion on PGP-Users about my governments claims against PGP in favour of OpenPGP and a possible NAI/NSA "friendship"? While with Open Source, you can dismish such claims, you cannot by the obscure way ;) Nevertheless, I gotta throw in that source code is also, "of course" avail for newer Windows builds, both the CK-T and the International version, allthough for the newest builds it ain't there yet. A good source for such links is www.pgpi.org (Stale Schumachers site)... Nick Cheers, Johannes mailto:[EMAIL PROTECTED] - -- Fehler sind erzielte Ergebnisse, die nicht den erwarteten Ergebnissen entsprechen. Fehler sind die Quelle der Kreativität! -BEGIN PGP SIGNATURE- Version: PGP 6.5i iQEVAwUBOTDJqwt4MvNz1i1BAQGf3Af/XZdHCMPkrD5pSACiLBRZr5PBkSckgHLH Crb/evw8LlkWBlDVdgl62I/lnsCAFPWveq1+y91oMTXAXed2yBLWx7KK6DawgVVD 8tT8vA/eVh2gNlnW3sMLKhAKmGld4Mn9UYRfHaGpJ3FNipaJFJ5Z3sIouNliT7Mb ilUhmuzDkoHKVeHdsSzfn2RlTMFJNY9TfXD/nufmn53/wasLLfBMy4XBIUuPiigk 7wnhW1xfBOMwHek/ye+zYNhxxtc/b8z7ZwEwhma1OXeFs8tVHcgk89QKwERqUeAJ ieAN/rHxxJvicXFn2Apar4FcKiLTYE9pWG4B5S9pu4XlXFk1dgjkow== =1u+h -END PGP SIGNATURE- -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Greetings Nick! On Saturday, May 27, 2000 at 23:06:07 GMT -0700 (which was 11:06 PM where you think I live) [EMAIL PROTECTED] typed: p Technically if you want to get down and say that, then I've always p heard that the older the version of pgp (ie. 2.x) are harder to p crack than the newer windows versions. I can't remember where I p heard that though, I've always believed it. NA There are arguments for and against Open Source Software as being more NA secure than Closed Source Software. The relevant arguments can be read NA here: NA http://www.securityfocus.com/commentary/19 NA http://www.technocrat.net/955986079/index_html NA Personally, I believe Open Source Software has the "potential" to be more NA secure, but there is also value in security through obscurity. :o) Although I've spent plenty of time on securityfocus.com I disagree, security through obscurity is not very effective. Look at all the shareware programs that get cracked because of that belief. (Old Fravia used to talk about that) OPINION I wouldn't trust NAI at this point. But that is me personally. I don't use anything by them at all. I miss the old MCafee SCAN.EXE days!! now they are over the edge./OPINION I read back in 1995-96 an article was in Extraordinary Science Magazine published by the ITS and the article was written by JW McGinnis (the magazine is OOP now) to download version 2.3 of pgp because this whole whoopla was about to hit and the governments were going to start messing with pgp. I've also head numerous articles by hackers that said that the "older versions are the best." When asked which version do I want, the answer was, the oldest version you can get. The version that McGinnis was telling us to get was the source code of 2.XX (the version without the windows support dll's) So when I try to run that in The Bat it won't work. There are shells for it although I am not crying about this, I'm only passing on information that I understand. I trust McGinnis more than I trust someone I haven't met--I've met McGinnis in San Francisco, Ca. And talked with him, and he is one who has reasons specifically to encrypt secrets, I haven't met some of the other well known people in the cryptography field; some of which I assume are US planted disinformation websites. There are MILLIONS if not BILLIONS of crypto sites on the web. Cryptome in/out is another example of a place that i hang out reading news. Then there is the Mitnick saga.. Is the FBI not still trying to crack into his hard drives at this very moment? What version did he use? Obviously the password will be making a big difference in how soon the FBI will be cracking it. Although I am using a ckt (Cyber Knights Templar) version of pgp (which allow a larger key) at the moment, I also have and use a much older version and retain all the extra junk in my startup files for that version. I use this ckt version mainly to stymie the Free Dial Up account[s] possibility of reading mail. I'm not after keeping fbi spooks out of my top secret physics experiments on cold fusion with the ckt build. If I wanted that I would use the older pgp. note: that if you get the ckt build, expect for a large key to take more than an hour to compile--I fell asleep waiting Somebody mentioned RSA vs. DH/DSS I trust the DH/DSS more than RSA because I've heard that RSA has been cracked, or tampered with. Problem is getting other people to use DH/DSS most people don't create more than one key, or end up deleting keys like I do. "Whoops. Damn you mean to tell me that the key will stay on the MIT server if I lost my key?" -AHahahah LOL G This is because the older versions have the open source code readily G available for inspection to see if there has been any tampering via G checksums, both the US and International versions. The new versions - G well, the source code has not been available, as far as I can tell. NA I know source code is available for 6.5.1, and perhaps even 6.5.2, but NA beyond that I'm not sure. Again, I don't see the value in using something NA along the lines of 5.X vintage when Open Source exists for 6.5.1, and that NA is only _if_ OSS is important to you... because the latest freeware NA version is 6.5.3 Na , you just haven't searched. the sources are available. But most people (myself included) wouldn't know what the hell we were looking at. It's still Great fun to compile though! -- ... autoexec.bat: A Wise Yuppie with a new copy of the bat. --- The Bat! 1.44 + 98Lite + Revenge of Mozilla II -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday, May 28, 2000, 1:24:27 AM, Johannes M. Posel wrote: JMP But you remember the discussion on PGP-Users about my governments JMP claims against PGP in favour of OpenPGP and a possible NAI/NSA JMP "friendship"? While with Open Source, you can dismish such claims, JMP you U... I don't think you can "dismiss such claims" based solely on the Open Source Code. Remember, one point of the argument _for_ obscurity, is that with Open Source, not only can the good guys find problems, but so can the bad guys, only they won't be so forthright in letting others know of it. Nick -BEGIN PGP SIGNATURE- Version: PGP 6.5.3 Comment: Digitally signed to allow for authentication by recipient. iQA/AwUBOTFS+cUChHR7o/3OEQIHBwCeNGZouJAXSU79wLs1Q/R73SrYthYAoNQ8 maUe1KWau0yO3Lx32B/a0ZGT =tc1c -END PGP SIGNATURE- -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Greetings Nick! On Sunday, May 28, 2000 at 10:10:20 GMT -0700 (which was 10:10 AM where you think I live) [EMAIL PROTECTED] typed: NA U... I don't think you can "dismiss such claims" based solely on the NA Open Source Code. Remember, one point of the argument _for_ obscurity, is NA that with Open Source, not only can the good guys find problems, but so NA can the bad guys, only they won't be so forthright in letting others know NA of it. I'm not an expert, I'm not a reverse-engineer, but I know... If you obscure it, then someone will just reverse-engineer it until they know what's in it. Or know enough about what's in it that it is no longer obscured. Again, this is exactly how shareware programs get cracked. It's stupid to think that obscurity alone by itself will be a silver bullet. You might make it take longer to figure out. It's delaying the unavoidable. And big sis makes a stupid greedy mistake with this. But you can believe what you want to believe. You can write your spaghetti coded, obscured, closed source all you want, there will still be those who can figure out just enough to crack through what ever you do. Go ahead, use obscurity, but don't rely on it completely 100% or your in for a big suprise. I am one individual that won't be listening to big sis's propaganda about obscurity. OTOH- if you make source available, then people report and fix bugs, and it only gets better. -- ... If only women came with pulldown menus and online help like The Bat! does.. --- The Bat! 1.44 + 98Lite + Revenge of Mozilla II -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Greetings Nick! On Sunday, May 28, 2000 at 10:18:02 GMT -0700 (which was 10:18 AM where you think I live) [EMAIL PROTECTED] typed: p Although I've spent plenty of time on securityfocus.com I disagree, p security through obscurity is not very effective. Look at all the p shareware programs that get cracked because of that belief. NA But Phil, that really isn't a fair comparison. The complexities of the NA examples you cite, differ greatly, and it's the very nature of the NA complexity of PGP Code that brings the value of Open Source into question. what do you want me to agree? I don't agree. sorry. heh NA I must admit though, that I'm fence-sitting on this issue, and not taking NA a stand as I earlier alluded to. I don't have enough information, or NA experience, to harbour a viewpoint, one way or the other. I look at it this way If they say they aren't--they ARE. If they say it isn't--it IS. If they say they don't--they DO. If they say it's the truth--it's a LIE. How many more examples do you need. LOL If they say there is no money involved--there IS. Follow the money, find the corruption. simple. NA Don't you wonder though... why the US Government suddenly lifted the NA export ban on PGP? Kind of makes you question whether or not the NSA knows NA something about their ability re. PGP, that we don't. Why should I wonder about that? Why would I assume the NSA monitors anything at all? -- ... Mark McGwire knows how to use The Bat! --- The Bat! 1.44 + 98Lite + Revenge of Mozilla II -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
Hello Tom Plunket, On Sun, 28 May 2000 00:33:44 -0700 GMT your local time, which was Sunday, May 28, 2000, 2:33:44 PM (GMT+0700) my local time, Tom Plunket wrote: NA Personally, I believe Open Source Software has the "potential" to be more NA secure, but there is also value in security through obscurity. :o) Although there may be corporate value in obscurity, I have a hard time accepting that at a personal level. Sure, nobody is supposed to know what the whitehouse.gov and fbi.gov servers are running so that nobody will know easy attacks against them. However, at the same time, if *I* am unable to examine an implementation of a cryptography routine (or anything, for that matter), I may well be suffering from corporate key-farming (from the previously mentioned link, just a direct line to what I'm talking about): http://www.scramdisk.clara.net/pgpfaq.html#SubDSSSubliminal Anyone remember the big brouhaha when it was discovered that Microsoft was collecting computer information during the famous "Windows Update" feature? While I won't say that such a thing would never happen in OSS, it's unlikely to be a "surprise" when someone sees that it's happening. What about that backdoor one of the USA politicians recent blabbed about, and the NSA spare key... I wouldnt trust any encrypto from MS or similar USA companies unless the source was available to look at.. After the turnaround the USA government did on excrypting they HAVE to be able to decode it. If any version of Linux becomes settled in enough to be THE one to use, you can be sure there will be attempts to sneak similar code in. May already be it in the kernel... You have NO idea what data they nick at various times, can even be your pgp keys as its dead easy to see if someone has pgp and where the keys are. Who tells you your secret key hasnt been nicked? Take pgp on its own, code should be code, not starting with some silly banner telling the whole world what it is and also as a side effect showing when a decode was succesful. You want to multiple loop pgp, and you can, that banner tells exactly when a loop was succesful... And why should headoffice CIA and AOL be so nice and close together that I would want to bet there is a big fibreoptic cable between the 2Or that likely all mail and chat via AOL, ICQ, Hotmail and a few others gets scanned for certain keywords / users.. -tom! Best regards, tracer -- Using theBAT 1.44 with Windows 98 mail to : [EMAIL PROTECTED] I am using FireTalk: 321338 ICQ: on request Website: www.phuketcomputers.com Our special website hosting/mailservers are now operational -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
Hello Tom Plunket, On Sun, 28 May 2000 00:33:44 -0700 GMT your local time, which was Sunday, May 28, 2000, 2:33:44 PM (GMT+0700) my local time, Tom Plunket wrote: http://www.scramdisk.clara.net/pgpfaq.html#SubDSSSubliminal So who checked the MS double key system (g)?? Interesting reading... Best regards, tracer -- Using theBAT 1.44 with Windows 98 mail to : [EMAIL PROTECTED] I am using FireTalk: 321338 ICQ: on request Website: www.phuketcomputers.com Our special website hosting/mailservers are now operational -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Hello Nick, Saturday, May 27, 2000, 12:15:17 AM, you wrote: NA I have two Accounts Christian, and would like to do the same thing, but NA I've not figured out how, unless someone else has come up with a way. It NA would be a nice implementation though. NA Instead, TB! simply PGP clear-signs via whatever key you've designated as NA your default key in PGP Keys. Even if you were to use the %SIGNCOMPLETE NA macro, you would still have to choose which key you wanted to use... via NA the drop down list under "Singing Key" in the accompanying dialogue box... NA each and every time you send a message. Don't forget to disengage the NA passphrase caching in PGP Options if you always want that choice. NA Nick NA -BEGIN PGP SIGNATURE- NA Version: PGP 6.5.3 NA Comment: Digitally signed to allow for authentication by recipient. NA iQA/AwUBOS9Z4sUChHR7o/3OEQI2SwCg59KDGH2OruRYyDYqemok0vxzg5MAoJCO NA XrP7oZCC9yawgwF1mdhZh+cm NA =DcOG NA -END PGP SIGNATURE- I was pretty sure this was implemented when I started playing with PGP in The Bat! since The Bat! is a (and one among *very* few) truly multi account supporting clients. I see you use an "external" PGP implementation. It wouldn't be that the internal PGP implementation in The Bat! can do this? I am now pretty sure it can't after having looked in every corner for both documented and a possibly undocumented feature, but I ask again :) You are right though, in these multi mail account times when even your average ISP gives you a few aliases this functionality would be very helpful. -- Best regards, Christian Dysthe http://christian.dysthe.tripod.com ICQ: 3945810 PGP Public Key: mailto:[EMAIL PROTECTED]?subject=Send_PGP_Key -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
On Saturday, May 27, 2000 at 5:13 PM or thereabouts, Christian Dysthe wrote the following about PGP signing question.: Christian You are right though, in these multi mail account times Christian when even your average ISP gives you a few aliases this Christian functionality would be very helpful. I'm sure there are reasons of which I'm simply unaware, but why cannot one simply have their multiple addresses on *one* key? Why the need for multiple keys? TIA Chuck -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Chuck Mattsen[EMAIL PROTECTED] http://www.users.uswest.net/~mattsen =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Random Thought/Quote for this Message: Some people fall for everything and stand for nothing. -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Hello Nick, Saturday, May 27, 2000, 5:25:22 PM, you wrote: NA Hopefully, PGP will be better implemented in Version 2.0, but until then, NA it's my feeling that the external PGP implementation, as opposed to the NA internal, would better accommodate the security concerns of TB! Users. U.why is that? Isn't PGP..eh..PGP? I mean isn't a 1024 key just as secure implemented in The Bat! as used from an external application? I am not expert, maybe I have missed something? Besides that, the built in PGP is so easy to use and set up I think a lot more users will be able to use it than the external alternatives. Which is...yes! would accommodate security for more The Bat!users. Some security is better than none, right? :) NA Nick NA -BEGIN PGP SIGNATURE- NA Version: PGP 6.5.3 NA Comment: Digitally signed to allow for authentication by recipient. NA iQA/AwUBOTBLUMUChHR7o/3OEQKMkgCgsJFXgZOPqwS8aWjRy3mMvW7oJ+EAnR3H NA qq+riMzhTLKmwp0HDpZYR5eK NA =yYaO NA -END PGP SIGNATURE- -- Best regards, Christian Dysthe http://christian.dysthe.tripod.com ICQ: 3945810 PGP Public Key: mailto:[EMAIL PROTECTED]?subject=Send_PGP_Key -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, May 27, 2000, 4:52:37 PM, Christian Dysthe wrote: CD U.why is that? Isn't PGP..eh..PGP? I mean isn't a 1024 key just as CD secure implemented in The Bat! as used from an external application? I am CD not expert, maybe I have missed something? Well, for one thing, I don't believe the internal implementation allows for use of anything other than RSA Keys. The question then remains: Which algorithms are stronger... RSA or DH/DSS? In practise, RSA Keys seem to be more vulnerable, and the reasons can be found here: http://www.scramdisk.clara.net/pgpfaq.html The latest freeware version of PGP is 6.5.3, and PGP Desktop Security 7.0 has already been released, although the freeware version has not. There is no reason to be using anything other than the latest and greatest, when it comes to security. Nick -BEGIN PGP SIGNATURE- Version: PGP 6.5.3 Comment: Digitally signed to allow for authentication by recipient. iQA/AwUBOTBwwsUChHR7o/3OEQJZ6ACfVwKFQTKBnoDRqL0X0IvarIW/R9gAn3V3 RzM+3p/HdLfEiceFBM9nVJ3e =wSR2 -END PGP SIGNATURE- -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re: PGP signing question.
On Saturday, May 27, 2000, 3:24:42 PM, Chuck Mattsen wrote: I'm sure there are reasons of which I'm simply unaware, but why cannot one simply have their multiple addresses on *one* key? Why the need for multiple keys? Although PGP allows for more than one User name or E-Mail address for use with the same Key Pair (Private and Public Key), it allows for only one of them to be a primary identifier. Most Users have specific security concerns that are not addressed by having just the one Key Pair, and so you see a lot of Key Pairs with only one address associated with it. It has more to do with signing, encrypting and verification concerns than anything else. Nick -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[2]: PGP signing question.
Greetings Nick! On Saturday, May 27, 2000 at 18:05:08 GMT -0700 (which was 6:05 PM where you think I live) [EMAIL PROTECTED] typed: NA The latest freeware version of PGP is 6.5.3, and PGP Desktop Security 7.0 NA has already been released, although the freeware version has not. There is NA no reason to be using anything other than the latest and greatest, when it NA comes to security. Technically if you want to get down and say that, then I've always heard that the older the version of pgp (ie. 2.x) are harder to crack than the newer windows versions. I can't remember where I heard that though, I've always believed it. -- ... Unicorns vs. Bat , and that unicorn is just about out of BLOOD NOW! hahahah --- The Bat! 1.44 + 98Lite + Revenge of Mozilla II -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
Re[3]: PGP signing question.
Hi Phil, On Saturday, May 27, 2000, 10:20:43 PM, you wrote in part about "PGP signing question.": p Technically if you want to get down and say that, then I've always p heard that the older the version of pgp (ie. 2.x) are harder to p crack than the newer windows versions. I can't remember where I p heard that though, I've always believed it. This is because the older versions have the open source code readily available for inspection to see if there has been any tampering via checksums, both the US and International versions. The new versions - well, the source code has not been available, as far as I can tell. There is no new International version, but just a copy from the US version (6.53) -- Best regards, Gary Today's thought: Life is a waste of time, time is a waste of life, so get wasted all of the time and have the time of your life. PGP Public Key: mailto:[EMAIL PROTECTED]?subject=SendPGPKey -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org
PGP signing question.
Hello TBUDL, I have different PGP keys for different mail accounts. Is it way to have The Bat! sign with a specified key based on which account mail is sent from? -- Best regards, Christian Dysthe http://christian.dysthe.tripod.com ICQ: 3945810 PGP Public Key: Send me an e-mail with "pubkey" as subject. -- -- View the TBUDL archive at http://tbudl.thebat.dutaint.com To send a message to the list moderation team double click here: mailto:[EMAIL PROTECTED] To Unsubscribe from TBUDL, double click here and send the message: mailto:[EMAIL PROTECTED] -- You are subscribed as : archive@jab.org