Re: TB! and GnuPG (and PGP)

[Mica Mijatovic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

   ***^\ ."_)~~
 ~( __ _"o   Was another beautiful day, Sun, 22 Oct 2006,
   @  @  at 19:55:06 +0500, when Richard H. Stoddard wrote:

> I thought about switching to TB! Pro for the "EOTF", but decided not
> to.

I thought of it too, some...670 days ago, it seemed pretty alluring, at
first sight, but after had examined the thing more closely I had changed
my mind.

> I just installed TrueCrypt, and may move mail files to an encrypted
> drive there. Of course, that would require starting it up first, but I
> could probably remember that after a few false starts.

Oh, you will. (-: Besides, it's easier, and safer, if you put into an
encrypted container both the Mail and TheBat folder (if you are only
user of the Bat/machine), since this way if someone "unauthorized"
triggers the shortcut (if s/he finds it in Start Menu), tBat will not
start.

Easiest way to do so is to simply mount this container/"volume" and then
to install TBat there (and perhaps some other programs you wouldn't want
others to tinker with).

> Thanks again for all of your help. I think I'm getting GnuPG to the
> point that I can safely uninstall PGP.

You're welcome, this is the place for it, and I am besides right now
preparing quite similar www "tutorials" for my correspondents/friends,
so they can manage when I am not "accessible".

When you uninstall PGP, look after PGP*.* files in your OS|System
folders, since all the chances are that they will not be deleted during
the process. Also check the Registry (HKEY_CURRENT_USER\Software\PGP)
since PGP likes to leave its...PGPberries all around. This should be
deleted too.

After that, you'll notice that OS runs a bit faster and livelier.

  ***

With PGP you may notice that when you mount your "encrypted volumes",
their paths will be recorded in index.dat files in Content.IE5 folders.
Etc. With True Crypt it will not be the merry case.

- --
Mica
 ~~~ For personal mail please use my address as it is *exactly* given
 in my "From" field, otherwise it will not reach me. ~~~
GPG keys/docs/software at: http://blueness.port5.com/pgpkeys/
   http://tronogi.tripod.com/pgp/pgpkeys/
[Earth LOG: 670 day(s) since v3.0 unleashing]
OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium
 Windows XP(ee) Micro Lite Professional 1.6, Gentoo & Vector ~ Wine
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6-svn-4298 <>o<> tiger192 (Cygwin/MinGW32)

iQEVAwUBRTvJ7bSpHvHEUtv8AQgDFQf/UPfB2Iw6sjl+cYZca7dt+DHN6d0OOmrM
fhAqtvZdujshApsSGpyMmunDrmPhhM90NgmTF2aLWa5zJTVk4Ux+TT6KU5avdOXP
Ao5SA8HFXDXYIjpAmccVB2zY9zkzG9rte4uc8o3hgzbW9k2qYTCc8CiYJHiI+Slm
tCw5Ym4ZeEY98mNe4HF8JpoMubJZBxZJCAqjjaiguEjST//CQoBzOnHMT6ing9x+
4aM7/jf66/Gc2M6Wx5A1u6pjUjo6FjlMKOLpr0Ab8n+5d1wsQisu0jHb6KxXqdlm
xsIA7zORZzB5gBE4ZfYSbbP6Q4CMJ6xxHJgsLKpXan0RmE6uAh0syg==
=YUEH
-END PGP SIGNATURE-



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Re: TB! and GnuPG (and PGP)

[Mica Mijatovic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

   ***^\ ."_)~~
 ~( __ _"o   Was another beautiful day, Sun, 22 Oct 2006,
   @  @  at 16:19:31 +0500, when Richard H. Stoddard wrote:

> I've created a new key and tried to add some preferences per the
> above, but am now stymied: how do I select which one I want it to use?
> I want the default to be SHA256, but no matter what I've tried it
> stills uses SHA1. Obviously I'm doing something wrong.

No, you are doing that quite fine. It will just add SHA1, 3DES and ZIP,
Uncompressed by default, no matter what selection you choose otherwise.
This will do no harm, while a _lack_ of some of these "features" could.

There is just one thing you have to do and this is to set the default
algorithm in your gpg.conf file. You just add this line in there...

digest-algo SHA256

...and it will be used as your default one. TBat will accept this too.

  ~.~

(There are people who still use MD5 for instance, but for other purposes
than signing/encrypting, like making MD5/SHA1 "hashes" for/of various
files and so. -- I like to use TIGER192 algorithm for such purposes and
to confuse them. (-: Besides, it is more complex and tricky and is
created by a quite different and modern technology.)

Basically, it is safer to encrypt a TBat backup file(s), and the \Mail
folder (when is not in use, for instance), using some fine algorithm in
GnuPG, than to use TBat's EOTF (so called "Encryption On The Fly"),
since those are very different technologies and of very different
quality. (In TBat the EOTF is added more for a fancy reasons than to be
of a real and safe use.)

Add to this the fact that corporative, NSA, algorithms (the whole SHA
family, forced in and by PGP, where RIPEMD belongs to as well pretty
much, after the technology used in the process of its conception) are
being constantly attacked by Chineses (and they are really good in it,
having some mystic exotic tricks in mathematics, and in general), so
that is safer to use something else (or a SHA with more bits, for now,
256 and higher) for privacy/civil(ian) purposes.

(Today's, "altered", PGP of course will not admit this, it's their job,
and will kick, gasp, wiggle and scratch, it's usual behavior, will deny
and oppose, but the very fact that user today has to give all that
private data -- it's incredible that many really do that -- and just in
order to download _privacy_ protecting software should speak for itself,
no. The smell is quite easy to feel far and wide.)

  ***

All of that should be given a more careful consideration on the side of
TBat developers as well, when they are going to do something real
quality, solid and reliable as to the some "encryption feature" built in
into The Flying Mammal / Letuchaya mish / {P|Š}išmiš / Leteći
sis{oje|avac|ar}.

- --
Mica
 ~~~ For personal mail please use my address as it is *exactly* given
 in my "From" field, otherwise it will not reach me. ~~~
GPG keys/docs/software at: http://blueness.port5.com/pgpkeys/
   http://tronogi.tripod.com/pgp/pgpkeys/
[Earth LOG: 670 day(s) since v3.0 unleashing]
OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium
 Windows XP(ee) Micro Lite Professional 1.6, Gentoo & Vector ~ Wine
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6-svn-4298 <>o<> tiger192 (Cygwin/MinGW32)

iQEVAwUBRTt8LLSpHvHEUtv8AQg2Igf/do76o/jHHGqKVJ4M1M5xtKnuNuLQAw6y
/rXc49TI3F5SuSdK49mkDlk09khzvw/WEcvdQgHhszbRW/0aZpZ7YY7K8o4etHRz
nNQOYUQJwBe4F1+rn8Hspb+mu4amG06PRpiwDpuMKvYRpp4RzywWCTn7KZKjP0op
2hvM5uRxlPD4u0I9099uDFXDUUp/bOa7Jd2Aa2B0cxJbsS12P//SrFKP0DxTq27T
zcYOIKTeLRe9wVFakep3P3Q2r4yIlWo0hoY1fOpe+kNXflCKZVlRFnOSMm3/mJDi
eLjhFljqMoeKZlqQ5WMaDhLCtnLnYNff8/OtMTirSBGd6TBR2EwT3A==
=MjMy
-END PGP SIGNATURE-



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Re: TB! and GnuPG (and PGP)

[Peter Meyns]

Hi Richard,

on Sat, 14 Oct 2006 22:14:05 +0500GMT (14.10.2006, 19:14 +0200GMT here),
you wrote:

[set up GnuPG]

RHS> I've done this and was able to select GnPG. I then edited the file
RHS> preferences to point it to my keyrings, but I still get an error
RHS> message that "no secret key available" even though the key manager
RHS> shows my key as the default. What am I doing wrong?

Have a look at https://www.ritlabs.com/bt/view.php?id=4171 and say if
this is the behavior you mean. For the time being, I seem to have been
the only victim of this quirk - *if* it's the same...

-- 
Cheers
Peter

"It is now possible for a flight attendant to get a pilot pregnant."
- Richard J. Ferris, president of United Airlines



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Re: TB! and GnuPG (and PGP)

[Mica Mijatovic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

   ***^\ ."_)~~
 ~( __ _"o   Was another beautiful day, Mon, 16 Oct 2006,
   @  @  at 19:47:56 +0500, when Richard H. Stoddard wrote:

> With WinPT, I have the option of creating an RSA key up to 4096; with
> PGP I can create an RSA key only up to 2048, while a DH/DSS key can go
> to 4096. Which is the better option for PGP? (Eventually I will phase
> out of using PGP, but need to have GnuGP working reliably first.)

It is safer/best to create new keys using GnuPG. (PGP will manage then
with 3072 bits RSA keys quite fine, and even with bigger ones.) Besides,
GnuPG as such is reliable always (which is not case with other crypto
software, including the "modern" PGP). In combinations with other
programs it may vary (as you experience yourself). Best combination (so
far) is GnuPG + GPGShell (and of mailers + The Bat).

> Also, how do I change the hash algorithm? With PGP v8.1 I have several
> algorithm options, but they all seem to result in a hash SHA1.

SHA1 is also unsafe algorithm. In GnuPG you add/remove hashes and the
rest by updating the key preferences. It is done by typing in on the
command line (in Windows the DOS Prompt -- Start | Run | cmd | [OK])...

gpg --edit-key (and here you type in ID of the key you want to edit)

...then you type in...

setpref (and here you choose wanted hashes -- see the table below)

...and then when you are finished, you type in this...

save

...hit [enter] button and your key preferences are updated.

   *

The list of abbreviations for algorithms is here...

   ##
   # Cipher-Algos:# Digest-Algos:# Compress-Algos:  #
   ##
   #  #  # Z0  Uncompressed #
   # S1  IDEA # H1  MD5  # Z1  ZIP  #
   # S2  3DES # H2  SHA1 # Z2  ZLIB #
   # S3  CAST5# H3  RIPEMD160# Z3  BZIP2#
   # S4  BLOWFISH #  #  #
   #  #  #  #
   #  # H6  TIGER192 #  #
   # S7  AES  #  #  #
   # S8  AES192   # H8  SHA256   #  #
   # S9  AES256   # H9  SHA384   #  #
   # S10 TWOFISH  # H10 SHA512   #  #
   #  # H11 SHA224   #  #
   ##

...so you can choose what you prefer (you may choose them all and what
is not applicable will be simply omitted), and write it in the form...

setpref S10 S9 S8 (and so on) H11 H10 (etc) Z3 Z2 (etc)

...just bear in mind that for H6, the TIGER192 algorithm, you will need
specially modified version of GnuPG with more features, and if you
really need it for any reasons you may download such one here
. It also is able to create
keys up to 16,384 bits and has some other handy additions.

These GPG versions are like any other ones, just having more features,
so it works well with The Flying Suc...Mammal too. You install it by
simply copying its files over already installed ones.


> I'm still having some problems with TB!'s integration. For example, I
> seem to be able to decrypt okay - most of the time - but tonight it
> still tells me there is no secret key when I try to sign/encrypt using
> its privacy menu options. WinPT, on the other hand, was working
> tonight, although now I'm having troubles again. (It keeps defaulting
> to another open message to sign, and after closing that one it now
> tells me there it could not extract text from the window.) Again, maybe
> if I use just one of them I'll be okay.

Integrated decryption works with no problem in TBat, using GnuPG. Tricky
is with encryption however, since this part of the Bat's being is a bit
dull, a bit stubborn and a bit seemingly retarded a longer time already
in this regard, so I manage other way for mail encryption (using
Clipboard feature in GPGShell, most of the time).

> Thanks for all of the advice and assistance.

As the Sir McAntony Dubbya of/von Boom would say, You Was Welcomes. (-:

More specific and "expert" answers you'll most probably get on the
other, PGP, more specialized, list, as for GnuPG alone, while the
matters of Bat's and GnuPG's integration have better chance to be solved
here. I guess. Even only in theory. (:

- --
Mica
 ~~~ For personal mail please use my address as it is *exactly* given
 in my "From" field, otherwise it will not reach me. ~~~
GPG keys/docs/software at: http://blueness.port5.com/pgpkeys/
   http://tronogi.tripod.com/pgp/pgpkeys/
[Earth LOG: 670 day(s) since v3.0 unleashing]
OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium
 Windows XP(ee) Micro Lite Professional 1.

Re: TB! and GnuPG (and PGP)

[Mica Mijatovic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

   ***^\ ."_)~~
 ~( __ _"o   Was another beautiful day, Sun, 15 Oct 2006,
   @  @  at 07:14:35 +0500, when Richard H. Stoddard wrote:

> Mica,

> Saturday, October 14, 2006, 11:25:54 PM, you wrote:

MM>> If your GnuPG otherwise works, even if just once it was working well
MM>> (for instance you hit Ctrl+Shift+S in TB editor and it offers the
MM>> "combo" with the list of your keys), then it means that it's properly
MM>> installed, both with the added PATH and the registry entry.

> It appears to be working. I've played with it some more since my
> earlier post, and it now decrypts and verifies signatures just fine.
> (Or at least those of the person with whom I've been testing it.)

> When I try to sign or encrypt, it gives the pass phrase dialog box,
> but then I get an error message saying there is no default secret key.
> I've repeatedly checked the preferences to make sure the paths are
> correct, but still can't get over this hurdle.

> This morning, however, I checked the properties on my key once again,
> and this time looked more carefully at the subkeys. The DSA subkey can
> sign and certify, while the ELG-E subkey, which has a different subkey
> id, can encrypt. (The default id is the DSA key number.) Neither of
> them have the authenticate box checked. Is this my problem? And if so,
> how do I overcome it? Should I just generate a new keypair and use
> different settings?

Richard, whatever might be the case, and your DSA key certainly is not
the reason, you should anyway make a new -- but an RSA -- key, of at
least some honest 3072 bits, since DSA keys are not safe as they were
once (upon a time) and hence should be gradually withdrawn from (active)
cryptographic life.

On how to make easily and quickly such a key (using GnuPG) you have
instructions here, if you need them: ,
"2. How to make a key in GnuPG using command line".

Since these instructions are based on mainly default values, if you want
to enable the "Authenticate" function, just toggle the "A" value, when
these values are offered.

   *

As for the inconsistent work of the crypto "band" the members of are
here TBat, WinPT and GnuPG, I suspect that WinPT is the one that is
causing it. Its author also himself hints (on the other list) that it is
the possible reason, due to certain incompleteness of this software. Try
GPGShell instead and I think you'll not have such problems anymore.

   *

As for The Bat, in this, crypto, regard, it also is not quite
"complete", despite its very good (one of the best) integration with
GnuPG, and although it makes no problem in this particular case you
describe it should be "corrected" at least as for the list of keys it
offers, the list that is "filtered" after the addresses of particular
account and thus very annoyingly limited. _All_ the user's keys being on
his key-ring(s) should appear and be at disposal on such a list,
regardless whether the addresses in key IDs correspond to the actual
account we work at the moment or not, or whether these IDs have some
email address at all or not.

The ways user uses his/her crypto software must not be limited in any
way, particularly not by a "third" applications, like mailers are and
similar (since they have absolutely nothing with the ways crypto
strategies are applied and _must not_ interfere and tinker with it) and
the said conception is long since outdated, very limited and rigid,
being thus not very merrily functional.

To the correction like this should be given highest priority, after the
level of its essential importance of course, not after "popularity" some
"wish" is rated, that is after the number of members who "vote" some
less or more idio...matic (and often quite redundant) "feature" for.

This is the reason why I myself do not take part in any "whish list"
creation, since such conception (based on the numbers and not on the
essential sense) makes no any functional and serious sense and is thus
pretty much useless and resource wasting.

- --
Mica
 ~~~ For personal mail please use my address as it is *exactly* given
 in my "From" field, otherwise it will not reach me. ~~~
GPG keys/docs/software at: http://blueness.port5.com/pgpkeys/
   http://tronogi.tripod.com/pgp/pgpkeys/
[Earth LOG: 670 day(s) since v3.0 unleashing]
OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium
 Windows XP(ee) Micro Lite Professional 1.6, Gentoo & Vector ~ Wine
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6-svn-4217 <>o<> tiger192 i686 (MSYS/MinGW32)

iQEVAwUBRTOQmrSpHvHEUtv8AQiqRAf/RruYXW8+UwvkdchTaTSwbAr5wQ3JeAQH
j8BnvOD603+8jygL2U1yiathSv0llQTLo7pyDKiD1aOrqPzpTzjSJC0RyrFCyUQ7
uTJVdl1KVcQSN+wQ23iD3fN91IjHf5lGrDicgTUHk4dgttVBD/6XC38MAyOV4Eje
FO0UQlWJCw4K4jaegwlDKHXWQowjV31fpcs7KvtadkkV5tqRn9KHECbLxPCM3QR2
RPPwFez602Owkx8HbzrW1h3ZyMOW7gWHTop0/3oo8WnWHgXfZc6smk7vMju5

Re: TB! and GnuPG (and PGP)

[Scott Frederick]

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Hello Richard,

Saturday, October 14, 2006, 7:14:35 PM, you wrote:

RHS> This morning, however, I checked the properties on my key once
RHS> again, and this time looked more carefully at the subkeys. The
RHS> DSA subkey can sign and certify, while the ELG-E subkey, which
RHS> has a different subkey id, can encrypt. (The default id is the
RHS> DSA key number.) Neither of them have the authenticate box
RHS> checked. Is this my problem? And if so, how do I overcome it?
RHS> Should I just generate a new keypair and use different settings?

Did you sign your own key? If not try that.

- --
Best regards,
 Scottmailto:[EMAIL PROTECTED]

Using The Bat! 3.80.03 under Windows XP Professional/5.1 build 2600
Service Pack 2 (0 days 9:42:9) on Uno AMD Athlon MP
pgp key: http://sfrederick.com/keys/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFFMaQu9MpAGb2a408RA0J3AKDgCr8q1IOvJmQ4baVCb2I/rE6UFgCgz38g
8nAU1Cn481lKmRCU4sAZyoY=
=QooF
-END PGP SIGNATURE-



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Re: TB! and GnuPG (and PGP)

[Mica Mijatovic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

   ***^\ ."_)~~
 ~( __ _"o   Was another beautiful day, Sat, 14 Oct 2006,
   @  @  at 21:30:39 +0500, when Richard H. Stoddard wrote:

> I have been trying to make The Bat! and GnuPG work together. I
> installed the latest version along with WinPT, and once in awhile it
> would work, but usually not. I am now having problems with PGP as
> well. In both cases, when I try to sign or encrypt using the tray app
> I get error messages that state the TB! email window contains no text
> or is not the last input focus.

> Does anyone have any idea what is going on??

If your GnuPG otherwise works, even if just once it was working well
(for instance you hit Ctrl+Shift+S in TB editor and it offers the
"combo" with the list of your keys), then it means that it's properly
installed, both with the added PATH and the registry entry.

If you have installed it using gpg4win installer, then it has done all
this work for you automatically in the setup process.

If WinPT, as a part of this installation, doesn't work properly, then
probably is problem with it itself. Try to use GPGShell instead
(touching not your present installation; just install GPGShell, and it
will automatically find and recognize GnuPG and its parameters).

- --
Mica
 ~~~ For personal mail please use my address as it is *exactly* given
 in my "From" field, otherwise it will not reach me. ~~~
GPG keys/docs/software at: http://blueness.port5.com/pgpkeys/
   http://tronogi.tripod.com/pgp/pgpkeys/
[Earth LOG: 670 day(s) since v3.0 unleashing]
OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium
 Windows XP(ee) Micro Lite Professional 1.6, Gentoo & Vector ~ Wine
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6-svn-4217 <>o<> tiger192 i686 (Cygwin/MinGW32)

iQEVAwUBRTErsLSpHvHEUtv8AQjbowf+JBypKAozs5mg9cOzrAP9Lx752i7Ju8jf
XTmDfIn6x/Tj10L5Ko1WxJgcNgUXs9NRPSK+mWT2PTCIFy+AFAwsQ8p3WNp0bkKv
I1kDkSNNTrAgJ1XC+xmrNvlwGDkri8uGS3o5uUSEq3nKKNgP5Z0FgI47SX14XVGT
8b6tu0+EE/yLyaYEz6PcWlpnC2Eg2AD4JWBpKldFaAhhRdeupywvLOF0PcRnLRGK
PJvx/eg3lPHPPfoIE+b1cKVaPT1xBy0e/gsMf9zCrdtmNd3HvJhFQWv0TOYdTnih
XcOMK8aidejy7dB1gsoFR8WsOLQjl9ziVzoMeAx+DqRaNASU9UJttg==
=Ho+c
-END PGP SIGNATURE-



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Re: TB! and GnuPG (and PGP)

[Alexander S. Kunz]

Hello Richard H. Stoddard & everyone else,

on 14-Okt-2006 at 18:30 you (Richard H. Stoddard) wrote:

> I have been trying to make The Bat! and GnuPG work together. I
> installed the latest version along with WinPT, and once in awhile it
> would work, but usually not. I am now having problems with PGP as
> well. In both cases, when I try to sign or encrypt using the tray app
> I get error messages that state the TB! email window contains no text
> or is not the last input focus.

Tray app? I don't think you need it.

> Does anyone have any idea what is going on??

In TB's main mindow, go to the Tools menu and choose OpenPGP / Select
OpenPGP version. In the window that opens, GnuPG should be available. If
its greyed out, you must add the path to the gpg executables to the PATH
environment variable (right click on My Computer, Properties, Advanced,
Environment Variables, check the box "System Variables", it contains a
variable "path" - you must have admin rights to edit it).

-- 
Best regards,
 Alexander (http://www.neurowerx.de)

The errors to avoid are those that eliminate opportunities to try
again. -- Lazar Goldberg



Current version is 3.85.03 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html