From: Scott Mills Area: Public Key Encryption To: Jim Cannell 28 Aug 94 22:40:24 Subject: Memory UpdReq Friday August 26 1994, Jim Cannell writes to All: JC> My keyring has gotten too big. PGP is now complaining about adding more JC> keys. I get an out of memory message, and the keys do not get added. JC> This happens somewhere around 5000 keys. JC> The only way around this that I see is to modify PGP to use extended JC> memory. 640k is just not enough. Has anyone modified PGP to do so? JC> This doesn't look like a very tough problem. It's just that I would JC> rather put my time into something else. Have you tried converting to OS/2? I don't have enough keys to be certain that would cure your problems but since it has flat memory you shouldn't get any "out of memory problems" untill you kill all the ram on your system. Scott Forget guns. Start criminal control! Scott Mills 1024/26CD5D03 PGP fingerprint = 13 D6 FF 43 53 3D 54 7B 94 D0 6B F4 24 13 E5 BD sm@f119.n265.z1.fidonet.org --- 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: Jim Cannell 28 Aug 94 22:43:16 Subject: Memory UpdReq -----BEGIN PGP SIGNED MESSAGE----- Friday August 26 1994, Jim Cannell writes to All: JC> My keyring has gotten too big. PGP is now complaining about adding more JC> keys. I get an out of memory message, and the keys do not get added. JC> This happens somewhere around 5000 keys. JC> The only way around this that I see is to modify PGP to use extended JC> memory. 640k is just not enough. Has anyone modified PGP to do so? JC> This doesn't look like a very tough problem. It's just that I would JC> rather put my time into something else. Try converting to OS/2 or some other OS with flat memory. A quick run of PGP -kv > keys.lst shows 5,160 keys and no problems adding more. Scott Feet smell? Nose runs?... You're built upside down... Scott Mills 1024/26CD5D03 PGP fingerprint = 13 D6 FF 43 53 3D 54 7B 94 D0 6B F4 24 13 E5 BD sm@f119.n265.z1.fidonet.org - --- -----BEGIN PGP SIGNATURE----- Version: 2.6a iQCVAgUBLmEhtiP6qSQmzV0DAQGIPAP/fJhWrMqyxySypHPbSre5CIZ+7y78BqbM ByxTSSqfWB00VGS4g+gnpPqo2FRirQA9x1gz0H+Qhoxjs9gBwIEOZIJw1Gp6dano bkpi/8UCmPfiqZgqS+AsRFMforG2zIvhVr4p64zgfWzJKPlAwiP2mXj33bTryAnx 8MZfK2bGp8U= =zsn4 -----END PGP SIGNATURE----- --- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Richard Walker 29 Aug 94 18:05:48 Subject: New to PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Richard! 27 Aug 94 09:19, Richard Walker wrote to Wes Landaker: RW> There is no such thing as private mail on this system. No one RW> but me has any access to any private netmail type area. Also, RW> all users on my system are specifically warned every time they RW> log on that there is no such thing as a private message on this RW> system. That's fine for mail on your system, if you've got plenty of disclaimers saying that. But for _in-transit_ netmail, what we are talking about here, no matter WHAT you "disclaim" it's still illegal to read if you are not the sender or receipiant. RW> Besides, how would you prove that I read it?? _I_ don't have to prove it. _I_ don't work for any law enforcement agency. Anyway and besides, a message or two ago, you confessed. =) RW> Secondly, this is again an error. It is not necessary for an RW> operator to read a message in order to kill messages with a PGP RW> signature or encryption. System mailing software can do this as RW> part of its normal mail handling function. It's still censoring, and I don't believe you can do that either to in-transit mail without taking responsibility for ALL of it's contents. Besides, "Sure, Your Honor, I censor the mail, but I don't _READ_ it." =-) wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKUJ8lPrmStIlSlAQHFmwP+MmEg7CzBRNpj94TYOWxLU0AoMLIBh/IP Fh8GfTTovG44+QW/VIo12J8SvVr3kMh+Tr41JFgEgXbVe/9fhCL26OUoQ6DGlqUX wBAMDZVHB1RfvFzQFYAkGl4p/Y3rFlPWyjAmyWweb7UjKr8KF28FVOG7Vw4GoNtM kZoDdu2NwoM= =gEKW -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Richard Walker 29 Aug 94 16:48:20 Subject: Net 106 still at it? UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Richard! 27 Aug 94 09:23, Richard Walker wrote to Wes Landaker: RW> Again, how does that prove it was read by anyone????? System RW> mailing software can do that without any action on the part of RW> the operator. Not that I am, and not that they are, but if I were working for a law enforcement agency, and they were trying to "crack down" on this sort of thing, getting a message returned in that sort of way would give _THEM_ more than enough "evidence" to get a warrent, or arrest you, or whatever the hell they want to do. =) Me personally? No, I can't _PROVE_ that anyone read the message. Even if you reply to this message, and I can't _PROVE_ that you read it--maybe you just had your software send back an automated reply. :) RW> My software example was relatively simple for the sake of space, RW> but it is not hard for a piece of software to detect and bounce RW> the PGP encryption and signing data. Its just somewhat longer, RW> probably about 20 lines or so. Whether the leading text is the RW> same or not. Like I said before: I don't think you can do that, legally. RW> Just because you get a signed message bounced back to you, does RW> not prove that it was read by anyone unauthorized to do so. As surely as you've read this message, someone did. Maybe that isn't _PROOF_, but it's pretty damn close. :) wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKC4slPrmStIlSlAQHc1QP/fzh2nwLyU9jI17mq5I/ofauaTmWnRZO4 PmMosK7tyTiXICjtm+x3hViUGNMMhd1oa8dt99j5Cfaauslmq2apHaeGj+6AawyR XE+SDJFETaC/tCrUpY4ZqQZvc5QB2/GzPQ/pWr9WtyGArmvBfVANNwdP9AfkG2QD fz+s6k9Maek= =jCiR -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Bruce Bozarth 29 Aug 94 16:54:34 Subject: -- Help -- UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Bruce! 27 Aug 94 16:21, Bruce Bozarth wrote to Wes Landaker: WL> Perhaps because some computers don't interpret it correctly? WL> Well, then I'd like to ask for you to type EVERYTHING IN WL> UPPERCASE FROM NOW ON, PLEASE, BECAUSE MY OLD COMMODORE-64 WL> (AND I DO HAVE A USER WITH A C-64 WHO READS ECHOMAIL, SO I'M WL> NOT BEING UNREALISTIC) TERMINAL DOESN'T SUPPORT LOWER CASE, IT WL> LOOKS LIKE FUNNY LITTLE SYMBOLS. You get the idea. =) BB> TYPING IN ALL CAPS IS NOT THE SAME AS SENDING CUTE LITTLE BOXES BB> AND OTHER ASSORTED CHARACTERS. YOUR VERY EXAMPLE IS ONE OF THE BB> PRIME REASONS TO AVOID USING EXTENDED ASCII CHARACTERS IN ANY My point is, you can't accomodate EVERYBODY, but there isn't much software--except outdated software--that won't strip or convert hi-ascii. Even if it looks a little funny, it's not interfering with the actual meaning of the text, unless you're sending _schematics_ or something. BB> AREAS EXCEPT THOSE WHICH ALLOW IT. :) Si high-ASCII est interdit, comment peut-on crire bien en Franais? High-ASCII is not all "bad," you know. :) BB> YOU GOT THE PICTURE... WELL, THANKS FOR TYPING IN ALL CAPS FOR MY C-64 USER. BUT YOUR SMILEY FACES LOOK FUNNY ON HIS SYSTEM TOO, SO COULD YOU STOP USING THOSE? THANKS. (Don't worry, I use 'em too!) :-) wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKFh8lPrmStIlSlAQFUvAP/R44rKKbrbaYP+lSpj4J+63SxL7ZUda7O d5WSkCSN9H3vlZ82EhT0CltI13s0mtgqToVMMVKe0zFhqvoXqFnni9BeOU9hxXVn PjmLfvsEXXCdRo7vwoH+h5KOpbqjTnA95qX01veJcMKi3+itKFd8GrEJlzM4M0OH TNPk0bqubDw= =uOnK -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Jim Cannell 29 Aug 94 17:06:56 Subject: SecureMail UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Jim! 27 Aug 94 14:55, Jim Cannell wrote to Wes Landaker: WL> Guy Martin @ 1:202/905, the SecureMail hub for my network, WL> has been marked as down in the nodelist for two weeks now. WL> :( Anybody know what's going on? JC> Guy has been gone and out of SecureMail longer than that. We're JC> looking for a replacement. Well, it was _at least_ two weeks, anyway. :) WL> If not, as opposed to sending all my mail direct, should I WL> simply route through a hub in another net? As it is, I have WL> to call LD for _all_ my fidonet connections, but if I can WL> send 20 netmails via one SecureMail hub . . . you get the WL> idea. ;) JC> Contact the R10SMH, Radi Shourbaji, 1:143/110. You may be able JC> to route through him. freq SECUREML here for the most up to date JC> map. Okay, I'll give him a try, thanks. =) WL> (Anyway, I'd offer to hub 202 myself, but unfortunately, I'm WL> long distance from the rest of the net, and I don't think WL> everyone in net202 would appreciate having to call me long WL> distance every time they wanted to send a netmail--just WL> because I have to. =) JC> Do you know anyone in Net 202 that might consider the position? I know a couple systems that a PGP friendly, (they let me route encrypted stuff through 'em) but I don't know how enthusiastic they are about encryption. You might try contacting my hub, David Lents @ 1:202/301, or Conrad Siao @ 1:202/103. wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKHvclPrmStIlSlAQHbmQQAn2V8y70GncOnGUN2JB7y2/FgKM0rhYsY AUiDhpjDKMn9wwr/N6kqWsj7EjA453ApuFzFMWlAGN492o5la1d7TLYTNGE7suSt 8Bz3nC6UsYu5sL6xGm262gqaNTKXUw7EvoOj/XjVVaiDI7+/yJXFovpGF9TthQ/j hNJWeCZcFws= =GSoF -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Joe Lemere 29 Aug 94 17:13:54 Subject: Keys UpdReq Hello Joe! 26 Aug 94 15:42, Joe Lemere wrote to Wes Landaker: JL> I believe I have a handle on PGP now, thanks to this echo. JL> Below you should see my sig . . . Let me know if I bollixed JL> up the workings somewhere. ;-) WL> I couldn't check your sig 'cause I don't have your key, but WL> to the eye it looks like you did all right. ;) JL> Silly me .....Here's my key. Sorry about that! Okay, thanks. :) You should probably post your key in PKEY_DROP, if you haven't already--that's the slightly un-official "distribution echo" for PUBLIC_KEYS' keys. wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: Matt Weese 29 Aug 94 17:17:14 Subject: Version UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Matt! 28 Aug 94 12:35, Matt Weese wrote to All: MW> Please would someone tell me what the latest version of PGP is MW> and where I can FREQ it? I've seen v2.6a and v2.7a and v2.6wjl MW> and junk like that, so I'm a bit confused. Thanks. 2.6wjl is just my personal recompile of version 2.6, with a couple things changed--no real "bug fixes" or anything like that. I just checked the code over personally, and made a change here or there just because I'm nitpicky. =) It's not avalible, but if you really want, I'll tell anybody what I did. 2.6a removed the "bug" in MIT PGP 2.6 that changed the packet revision number to 3 on and after Sept 1, 1994. I have no idea what 2.7a is. It's definately not an "official" release either--nor are either of the above. wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKJtclPrmStIlSlAQGlkAQAknsKj+jHrFwZDSDgDnHKjrK5146sBbfT AzBnLLa4YejGpTXQmeFCEChmryi6sqms9MAxqWUTCnV7wA4gm7jt8G7wb8ZpCgTg KaUwQIbgMhjBwNtivM/fgtPufhBDFXY/O6jtQ4ZMBjwK03qmvZzXAhSDHKM/RryD OC3+pB7Retc= =7IcE -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Wes Landaker Area: Public Key Encryption To: John Schofield 29 Aug 94 17:52:54 Subject: Net 106 still at it? UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello John! 28 Aug 94 21:04, John Schofield wrote to Wes Landaker: ML> [Lance Rose, attorney, is the author of Syslaw, a shareware ML> legal guide for sysops, WL> Syslaw . . . if it's shareware, I'm assuming it is a WL> program? :) If so, (or even if not!) where might one obtain WL> a copy? =) JS> Syslaw is an EXCELLENT book (non-shareware) that covers many of JS> the privacy issues we've been beating into the ground here over JS> and over (and over and over) again. . . . and over and over and . . . The problem is that we never seem to get anywhere. JS> Syslaw, second edition, by Lance Rose and Jonathan Wallace. JS> Published by LOL Productions in conjunction with PC Information JS> Group, Inc. PC Information Group's address is 1126 East JS> Broadway, Winona, MN 55987. I'll keep my eye out for it, and see if I can get it (or order it) from a local bookstore. =) wjl [Team OS/2] * 1:202/1822@fidonet.org * 371:30/1@chnet.ftn * * wjl@f1822.n202.z1.fidonet.org * PGP Key: AD2254A5 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.6wjl iQCVAgUBLmKRIclPrmStIlSlAQHrHgP8CH1DwKKEOG9M3f0K+K2TmOJCe56tHYAK nvLT++v48vRNy7+m4HMNNJg8evIDHnrFhQWw6qMLQ5NZFO6a7odKrWZ7I0nGHtgf WHYZ27HFr9cP8G/7umyfYCFSdDhrtfYRWIztw2kok3teMSCbI1a8oe0/B1PHU5O3 dNUW6tKF+tA= =16Vg -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Bruce Bozarth Area: Public Key Encryption To: Shawn Mcmahon 30 Aug 94 00:15:00 Subject: -- Help -- UpdReq On 08-27-94, without care of life or limb, Shawn Mcmahon spake thusly to Bruce Bozarth regarding -- Help -- SM>Bruce, since your system is quite capable of reading them, upon what SM>basis do you found your objection? My mail reader does not read them. ... WinQwk 2.0b#0 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Shawn K. Quinn 29 Aug 94 11:31:32 Subject: New to PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- jc> I don't understand. You can't digsign stuff in =this= echo? SKQ> I thought it was sent over the normal distribution chain. SKQ> Guess it isn't. I think it's backboned normally, if that's what you mean. jason ... History tends to exaggerate. - --- timEd-B9 # Origin: Log on, Tune in, Burn out. Irving Tx 214.650.0382 (1:124/3208) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 147/1077 259/212 382/7 640/217 3611/19 9600/0 201434369420143436942014343694201434369420143436942014343694718 From: Tim Bradley Area: Public Key Encryption To: Richard Walker 30 Aug 94 02:01:40 Subject: New to PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- SM>> If you've been reading this echo, you've seen that people in the SM>> Justice Department agree with the felony status, and that police are SM>> being trained that it is true. What more do you want? A public SM>> statement from the President? RW> Neither. I want a felony conviction of a fidonet operator. Nothing RW> else is even remotely interesting. When you get one, let me know, RW> until then, I will continue to be of the opinion, that a fidonet RW> operator has no obligation to route a message with an encrypted RW> signature or text. And, actually, Shawn's barking up the wrong tree on BOTH counts from the word go: First, not only is it NOT a Felony, FCC regs specifically state that a Sysop is ENCOURAGED to moniter traffic ("private" or not) passing through his board because LEGALLY, if there is a "reasonable expectation" that he COULD have read a message (again, "private" or not), he is LEGALLY LIABLE if the message content is deemed in any way illegal. The funny thing is that most sysops get this far, figure that if it's encrypted, they can't check it so they could get busted, and won't allow encrypted mail: but the same FCC ruling states that if the Sysop COULDN'T have knowledge of the message content, he's NOT liable. So to protect themselves from liability, these sysops are laying themselves open for MORE liability. Despite comments ranted to the contrary, "electronic mail" is NOT "mail" in the eyes of the law -- it is not LEGALLY considered to be private communication if it travels through ANY system other than ones OWNED by sender AND reciever. All else is myth. Secondly, those who cite POLICY4 ought to try READING it sometime. I did, and I quote: "As a sysop, you have the right to review traffic flowing through your system, if for no other reason than to ensure that the system is not being used for illegal or commercial purposes. Encryption obviously makes this review impossible. Therefore, ENCRYPTED AND/OR COMMERCIAL TRAFFIC THAT IS ROUTED WITHOUT THE *EXPRESS* PERMISSION OF *ALL* THE LINKS IN THE DELIVERY SYSTEM CONSTITUTES ANNOYING BEHAVIOR. (Policy v4.07 sect. 2.1.4, ALLCAPS & "Bold"face mine). So not only is the sysop who sends encrypted mail back NOT in trouble with the FIDOGods, YOU ARE! if you sent it without his permission. Period. Again, anything else you hear is WRONG. That's why subnets such as SecureMail are *SO* important. As more and more people get burned by the lack of informational safety on non-signed, non-encryption allowing nets, more and more people will shift to SecureMail sites, until they dominate the Net -- THEN FIDO Policy will change ... and not before. Until then try to changethings by being POLITE about it, and REASONABLY explain the positive uses of encryption & authentification -- and face facts: to the people in charge of both FIDO and the Law, encryption proponents are PREJUDGED as being "people with something to hide" And rantings with no basis in facts ENCOURAGE that belief. Later Daze, -- Tim Bradley -----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: I am Locutus of the NSA: Privacy is irrelevant iQBVAgUBLmLnJjDp94PCS+V9AQGJPQH/f1HbxhF5FAigwLuiLhqHrGA4TfyMCmll Smkpk3ecknQmY/CjOcUN8d3AKC6s+vj+gI1TxQR366PBqXjC+6H1hw== =HLyJ -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Tim Bradley Area: Public Key Encryption To: Shawn McMahon 30 Aug 94 02:27:44 Subject: New to PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message of 27 Aug 94 Shawn McMahon wrote to Richard Walker: RW>> isn't it. If it came to a court trial, I'd put *big* money on your RW>> side loosing. SM> You can go ahead and send me that money, Richard, because Steve Jackson SM> won. There are others, BTW, as has been pointed out at least once in SM> R19SYSOP, which is available to you. Hunh? The Steve Jackson case has NOTHING to do with Sysops reading mail: Steve Jackson won by demonstrating the a} the search & seizure order was granted on insufficinet evidence, and b} the Government vastly exceeded the limits set in the search warrant. All it established was that IF your BBS is owned by you AND is on your premises, they can't just indescriminately read all the mail on your BBS and files on your hard drive on a fishing expedition. And that is ALL the Jackson case established. How you can compare that to monitering traffic through a system and bouncing encrypted traffic to a case so different that the only similarity was that a computer is involved boggles the mind. SM> Richard, you can go right ahead and continue to think the ECPA doesn't SM> apply to you for as long as you want. Again, have you actually READ the ECPA? I think ... NOT. The ECPA applys only "where a reasonable expectation of Privacy exists". Ever read how a "reasonable expectation of privacy" is defined? Didn't think so... a "Reasonable Expectation Of Privacy" applies only where the ENTIRE membership of a posting area is restricted EXCLUSIVELY (including the ABILITY to read messages) to a restricted membership, and applies only to viewing by persons OUTSIDE the membership ... Netmail included, messages defined as having a "Reasonable Expectation Of Privacy" under the ECPA fall under three catagories: a} Crashmail sent FROM a system owned by you TO a system owned by the addressee of the message, b} Textfiles on your own system inaccessable to outside callers, and c} FIDO Sysop-only echoes (but Sysops OTHER than the addressee may be allowed to read your "private" mail without violating your rights under the ECPA. That's *IT*. Now, you can VOLUNTARILY restrict yourself under the ECPA, but the general consensus *I'VE* seen among people who actually STUDY this stuff is that a} It would be VERY unlikely to hold up in court, Legal Counsel being equally competent; and b} the vast majority of the so-called "experts" in the Police & legal fields directly dealing with computer privacy & crime have *NO* clue what the thing SAYS, let alone IMPLIES, and convictions based on it are almost never upheld in Appeals. SM> Your opinion doesn't change US law any more than Policy4 does. And neither does yours, but at least has a more well informed opinion than you do -- I agree with your IDEALS, I DEFINATELY think there SHOULD be solid protection for privacy and civil rights in electronic communication ... but don't you understand that by spreading this kind of misinformed rant you HURT progress TOWARDS that goal? Later Daze, -- Tim Bradley -----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: I am Locutus of the NSA: Privacy is irrelevant iQBVAgUBLmLtaTDp94PCS+V9AQEMoQH/ZOhvF8cgaapWv0jMn5UcrpcKILxZUjKI oPuDkSzs9II5ULCqE0CDOaFhp9ZqIphPFN05BkdrErMi1Zrzi7Y3bQ== =G/+Q -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Tim Bradley Area: Public Key Encryption To: mark lewis 30 Aug 94 02:51:16 Subject: Net 106 still at it? UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message of 28 Aug 94 mark lewis wrote to Tim Devore: TD>> As it states in the FIDOPolicy4 the sysop can read all mail, ml> FIDONet Policy (any of them) is not above the law in any country. if ml> the law states that it is illegal to read mail not addressed to or from ml> you, then it is illegal, period. Okay, one more time: the ECPA notwithstanding, "EMail" of ANY sort IS NOT LEGALLY "MAIL" protected by Privacy laws. And while the ECPA DOES, in fact, define Netmail as communications whose privacy is deserving of some protection, it does NOT define ANY form of EMail as being legally recieving the rights and protections of conventional mail. The ECPA *IS* a step in the right direction, but the definitions of a "reasonable expectation of privacy" (which is how ECPA protected mail is defined) are so limited as to be virtually useless except in cases of search & seizure (like the Steve Jackson case) and In-House company mail in VERY limited cases. Once mail hits a net, in the VAST majority of cases even Netmail is in *NO* way protected by the ECPA. MR>> The ECPA tells you when and how you may read netmail on your system and MR>> under what limited circumstances and to whom you may disclose your MR>> knowledge. And I'll freely admit it does a MUCH better job in this department than in terms of actual READING of the mail. ml> if you read about a murder and all the gory ml> details about how and when it was done, then you are an acomplice after ml> the fact unless you turn them in to the law. at least here in the US ml> that's how it is being interpreted. it's best to not read any mail not ml> addressed to or from you at all. And unfortunately, that's not much protection either from what I hear: The cases I've heard of dealing with HAM Packet relays (where this has been an issue a LOT longer than in the phone-line BBS world) the FCC and other legal entities have ruled that if a "reasonable expectation" (there's that term again) exists that you COULD have seen such a message, you can be charged as if you actually HAD. VERY spooky stuff. When I finally go to BBS status, I'm going to hook into SecureMail ASAP and STRONGLY encourage ALL Netmail traffic to be encrypted. I want *NO* chance of being slapped by something like that. It's funny that the Sysops who are trying hardest to AVOID legal liability are actually INCREASING their liability... Later Daze, -- Tim Bradley -----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: Would you send a letter without an envelope? iQBVAgUBLmLy7jDp94PCS+V9AQHBhQH8D+k6i6WkR8WKGLOWFPuQyaEN27kSX3T4 6PppZvpbUa+CFH47U8nXoXsdV2B7Pn/YXi5C2OilN/tqnNlC/gek8A== =zUYi -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Richard Godbee Area: Public Key Encryption To: All 29 Aug 94 20:48:02 Subject: My key... UpdReq I was just wondering about something. I have one or two AKA's on my key as of now. If I were to delete an AKA, add an AKA, get it signed by someone, etc., could people with my old un-modified key still send me encrypted messages that my PGP could decrypt? I know my key would change, but would there still be compatibility between the two? Thanks! --Ricky Godbee, Jr. ...Byebyte: Losing a file in your computer. ___RATS 2.1 with 2024 taglines. 201434369420143436942014343694201434369420143436942014343694718 From: Richard Walker Area: Public Key Encryption To: Shawn McMahon 30 Aug 94 06:56:30 Subject: Re: New to PGP UpdReq SM> You can go ahead and send me that money, Richard, because Steve Jackson SM> won. There are others, BTW, as has been pointed out at least once in SM> R19SYSOP, which is available to you. So, was SJ accused of bouncing PGP encrypted mail??? nope. Your example is like saying a random bank robber convicted of steeling money from a bank proves that bouncing PGP encrypted mail is in violation of ECPA. Not exactly what I'd call convincing. RW>> let me know, until then, I will continue to be of the RW>> opinion, that a fidonet operator has no obligation to route a RW>> message with an encrypted signature or text. SM> Richard, you can go right ahead and continue to think the ECPA doesn't SM> apply to you for as long as you want. Sure it applies to me. I've read it and am in full compliance. There are no private messages on my system. There isn't even the ILLUSION of a private message on my system. Messages on my computer come in only one flavor, PUBLIC. SM> As long as it doesn't inconvenience me in any way, I'll just laugh at SM> you. The day it does, I'll file charges. You can file charges till the cows come home. No felony conviction, no interest. I can't off the tip of my head think of a way to inconvenience you. Perhaps you could make a suggestion? SM> Your opinion doesn't change US law any more than Policy4 does. My opinion is in agreement with US law. Your opinion is the wishful dreaming of a conspiracy theorist. Your opinion basically says that you believe every person with a computer and modem has signed some agreement saying that they will deliver your mail, somehow this doesn't seem to be what I've read in ECPA. Yours truly Richard Walker +------------------------------------------------+ | fidonet: 1:106/960.0 GT Net: 007/010 | +------------------------------------------------+ 201434369420143436942014343694201434369420143436942014343694718 From: Richard Walker Area: Public Key Encryption To: Carl Hudkins 30 Aug 94 07:12:34 Subject: Re: Question or two UpdReq CH> I find it interesting that some people think having a program CH> read the mail for them, such as doing a keyword search to censor/bounce CH> mail, does not violate privacy and/or laws. ("Hey, if my software =just CH> happens= to screw up somehow when PGP messages are passing through it, CH> it's not my fault!") The point is that the mail (I'm referring to CH> Netmail here, FYI) has been examined, with intent to refuse or "lose" it CH> based on its content, and that's just plain =wrong!= I don't think you understand, in fido technology messages, the content HAS to be examined by software with a fine tooth comb in order to properly deliver or return a message to its sender. That is just the way it is, and there is no way around it. The point is that no human being is learning the content of a private message whether it is sent on by the mailer software or is bounced back to the sender by the mailer software for whatever reason, and there are lots of reasons that can cause a message to go into the twilight zone. CH> I (and probably you, too, since you read this echo) have seen CH> people basically defy us to get them convicted. I don't know whether to CH> be happy or sad that I don't live within their jurisdiction -- I might CH> just try it. Somebody needs to! You can bark all you want; but this is like saying that you believe you can get a felony conviction for Joe Average with a computer and a modem who refuses to deliver your mail; so far there have been none, and likely there will be none as long as no human being reads someone elses private mail. Yours truly Richard Walker +------------------------------------------------+ | fidonet: 1:106/960.0 GT Net: 007/010 | +------------------------------------------------+ 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Jason Carr 29 Aug 94 18:44:02 Subject: Re: My PGP Key UpdReq -----BEGIN PGP SIGNED MESSAGE----- On Tue 23-Aug-1994 10:22a, Jason Carr wrote: RW> Two keys. One for my handle. JC> Hmmm. Did you want to have a totally seperate key for the handle? I JC> mean, You can have multiple user IDs on the same key. Still seems to work a bit iffy with AKAs. I recently merged my handle and name into one key, but when Chris Baker signed it, it came back with the AKAs stripped. Since PGP only added his sig to my pubkey my AKAs remained intact locally. Has anyone else had similar experiences with 2.6+? -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLmG7xd2dg1OWsljdAQELaAQA7AweuNC2EGc2GnD+NeZY34WBKPS5jtb7 h82k9yG04MaXDUF47bqORFD5RlTiu/iI4/V1wdy3zDGfeIcWYFYCXFTSJk8R/0hx fbeazX1n1sKYJN90wcXJIUdTQRmFCbicY3i62nHEgUfvxzppnK2ZwZ/s4UXyCz5a Yj8TL0OfhGI= =EmIl -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: All 29 Aug 94 19:34:58 Subject: Re: Phil's views UpdReq JG> To: All Users of PGP JG> From: Philip Zimmermann, creator of PGP JG> Re: Misconceptions about PGP 2.6 from MIT JG> Date: 18 Aug 94 The whole thing reads like a cryptic quatrain. The first half is the message, while the second half is the disclaimer. JG> However, because of a negotiated agreement between MIT JG> and RSA Data Security, PGP 2.6 will change its behavior slightly on 1 JG> September 1994, triggered by a built-in software timer. "behavior"? Let's call it what it is; it'll use a different encryption algorithm. JG> older (2.3a and earlier) versions of PGP, which Public Key Partners JG> contends infringes its RSA patent (see the section on Legal Issues). But not you, right Phil? ;) JG> It appears that PGP 2.6 has spread to Europe, despite the best JG> efforts of MIT and myself to prevent its export. Since Europeans now JG> seem to be using version 2.6 in Europe, they will have no problems JG> maintaining compatability with the Americans. Hahaha, in the original docs to PGP doesn't Phil state that wide distribution was the key to success? I'm sure he's (secretly) overjoyed. JG> environments where RSAREF is not required, it is possible to JG> recompile the same PGP source code to perform the RSA calculations JG> without using the RSAREF library, and re-release it under the JG> identical licensing terms as the current standard freeware PGP JG> release, but without the RSAREF-specific restrictions. "environments" as in those European countries that 'despite your best efforts' have gotten PGP source? Not that you'd suggest that anyone start a "mutant strain"... JG> Some people are attracted to PGP because it appeals to their JG> rebellious nature, and this also makes them resent anything that ^^^^^^^^^^ As in "Guerilla"? 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Scott Miller 29 Aug 94 20:20:40 Subject: Re: PGP 2.6a authors UpdReq On Fri 26-Aug-1994 11:12p, Scott Miller wrote: SM> Whoooa, kinda similar huh. Two possibilities SM> 1* GK is RG SM> 2* There is a really PGP familiar user on GK's board. SM> I vote for 1. I figure that RG is protecting himself from the same mish-mash that PZ is in right now. RG is probably either GK or PZ since CB and GK have both signed his key. But, an audit trail would just ruin his anonymity. 201434369420143436942014343694201434369420143436942014343694718 From: Zorch Frezberg Area: Public Key Encryption To: Scott Mills 30 Aug 94 15:51:14 Subject: Net 106 still at it? UpdReq In a msg on , Scott Mills of 1:265/119 writes: ZF>> If the guns are registered in _her_ name, some states will ZF>> allow it. However, most courts would recognize any ZF>> possession within 'arm's reach' is a violation, depending on ZF>> the jurisdiction. SM> Well, obviously both Maryland and Arizona allow it. He shoots SM> regularly with at a local range in Maryland and on his SM> property in Arizona. Most guns don't have to be registered in SM> civilized states anyways(none of mine are). Depends on the firearm...especially with the assault weapon paranoia. ZF>> No connections, no bribes...just a long and tedious process. SM> Yes, connections are needed and the bribes are called legal SM> fees. As Mr. Liddy spends much of his air time in the hundred SM> plus cities he broadcasts to stating how incompetent the BATF SM> is it is doubtful he could convince them. Again, it depends on the locale. Each state has it's own rules and procedures. In CA, for example, a non-violent/non-sexual offense can be pardoned by the Governor after a three-step process is completed...if the Gov wants to do so. If it _is_ a violent/sexual offense, the petition has to go before the State Supreme Court (highest state court), the State AG, and a review board compiled by the Legislature. Even then, there are ways around it, but for the most part, a pardon by the governor of the state is void if the procedures aren't followed. This seems to be the procedure, give or take a detail or process step, in various other states as well. ZF>> And no, I haven't gotten my equipment back yet; it's been ZF>> almost a year. SM> At last we drift almost back on topic. Have you been charged with SM> anything yet? Or are they still just talking about what you SM> could be charged with? Either way I wouldn't count on ever SM> seeing your equipment back in working condition. I've been charged and prosecuted for a case unrelated to BBS activity. My equipment was confiscated and not returned because I wasn't given the sentence that the prosecutor wanted, as stated by the prosecutor to my attorney. Nice touch, eh? -zf- 201434369420143436942014343694201434369420143436942014343694718 From: Scott Miller Area: Public Key Encryption To: mark lewis 30 Aug 94 16:23:00 Subject: PGP 2.6a authors UpdReq > umm... the one on GK's key says MAY not July... 5th month not 7th > -=B-) What was I smoking that night!!!! 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Shawn K. Quinn 31 Aug 94 14:19:04 Subject: Re: New to PGP UpdReq Despite the stern warnings of the tribal elders, Shawn K. Quinn said this to Shawn McMahon: SKQ> At the very least, if we can prove this, even if the courts SKQ> can't, Jim Dailey should be barred from all access to SKQ> FidoNet and any public BBS for LIFE. If this can be proven SKQ> in court, let's make sure he's sent to prison! I disagree. I'd just like to see him stop. Sending the man to prison won't accomplish anything; he's just wrong, not dangerous. In fact, he's a nice guy, and has contributed greatly to our hobby. Far better that he be encouraged to quit screwing up. 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: jason carr 31 Aug 94 14:22:50 Subject: Net 106 still at it? UpdReq Despite the stern warnings of the tribal elders, jason carr said this to Scott Mills: jc> Good point. What if he =were= checking for certain strings, but jc> not "pirate," "Warez," "child molestation," or "cheat the jc> IRS." I was rereading the ECPA yesterday, and I found some interesting bits about what happens if you "construct a device" for the interception of mail. It's sufficiently broad that I believe it would include programming another device to intercept mail. Thus, the fact that someone has automated the process is specifically excluded as a defense under the ECPA. Not only that, but constructing the device itself is a violation. I was correct; Jim can get in trouble for anybody else using his program, too. Not just as an accessory, but as a specific ECPA violation. Lovely. 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Tim Devore 31 Aug 94 16:01:08 Subject: -- Help -- UpdReq Despite the stern warnings of the tribal elders, Tim Devore said this to Shawn McMahon: TD> BECAUSE I CAN'T!! Just because some can read/see them don't mean TD> that ALL can and for one I've had to drop the BBS_Advertising TD> Echo because they started to mess up my message databases. Then I suggest you use software that isn't going to barf on ASCII codes between 128 and 255, because even if every single person in Fidonet stops using them (which is very doubtful, since over half of Fidonet sysops live in countries where such characters are VERY common in names, and even in the US they're not unheard-of) you're still going to have problems when they creep in by accident. Your software is buggy, if it messes up your message databases on those characters. 201434369420143436942014343694201434369420143436942014343694718