From: Alan Pugh Area: Public Key Encryption To: Jim Grubs, W8GRT 12 Oct 94 15:48:40 Subject: Clear-Signed "Hole" UpdReq -=> Jim Grubs, W8GRT was saying something about Clear-Signed "Hole" > -----BEGIN PGP SIGNED MESSAGE----- > gp> This reported problem is expected to be fixed, with the release of > gp> 2.6.2, which is anticipated to be available within two weeks. There > gp> will be some additional enhancements as well. > gp> Look for the release sometime after this coming thursday. > gp> > gp> -gk > uh, is there any word when it will settle down? this > _release a week_ > stuff is confusing to many. myself included. i'm > sitting on 2.3a until > a relatively bug-free, stable and verified version > comes out. > i'm beginning to get a mite suspecious of the myriad > of versions > floating around. JGW> The MIT version is written by Phil Zimmerman. What the hell more do JGW> you want? i'd like some stability. i'd like maybe for someone at mit to test the stuff before they release it. this is especially hard to understand when hacked bug fixes appear within days, if not hours, of the official release with the functionality promised but omitted by mit. this rev a week stuff is confusing, and lends itself well to uncertainty. amp <0003701548@mcimail.com> October 12, 1994 16:48 ... Veracity Index = where 10 is true and 1 is Clinton. 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 15 Oct 94 01:12:52 Subject: PUBLIC_KEYS Echo Guidelines - regular repostUpdReq -----BEGIN PGP SIGNED MESSAGE----- This is the PUBLIC_KEYS Echo. The purpose of the Echo is to provide a place to discuss public-keys for data privacy within FidoNet and elsewhere. We also consider electronic signature possibilities using public-keys and discuss data and software encryption and the various schemes and programs that produce them. This is a technical Echo with very few rules. Those very few rules are: 1. Stay on-topic. Topics of keys and encryption and related privacy and electronic signature issues are welcome. Others are not. 2. No politics [except as it relates to privacy issues] and no religion. 3. No personal attacks, slurs or innuendo. Stick to issues not personalities. 4. No Private flagged messages in Echomail! Encrypted traffic using public-keys is permitted for the exercise so long as it is on-topic. Don't send person-specific encrypted traffic. Such specific traffic belongs in direct Netmail. Encrypted traffic should be in the form of public-keys or public-key signed messages that can be read by anyone with PGP 2.4+ and your public-key. Include your public-key when sending such messages in case the other end doesn't have it or make them aware of how to get it from your system. 5. This Echo may be traveling around the world so try to be concise. Avoid excessive quoting for one-liner responses. 6. Be aware that Echomail is NOT secure. Don't take anything at face value. 7. The posts in this Echo are the sole responsiblity of the poster. If you need verification, use Netmail. 8. The Moderators will deal with off-topic traffic. Don't respond for them. Links to this Echo will only be curtailed when absolutely necessary so please don't make it necessary. [grin] The Moderators are Christopher Baker [KeyID: 1024/F89A24F9 1994/05/18] and GK Pace [KeyID: 1024/EE38FB41 1994/05/14] at 1:374/14 and 1:374/26, respectively. It is Gated into Zone 2 by Jens Mueller at 2:24/24 who sends it on to Harry Bush at 2:51/2. Consult Jens or Harry for Zone 2 feeds. The Echo is gated into Zone 3 by Jackson Harding at 3:800/857. [thanks, guys!] The other Zones are open [hint, hint]. It is recommended that individual, public-keys be made available via Netmail or by file-request with the magic filename: PGPKEY and that the public-key provided for that request by given a distinctive filename using part or all of each provider's name and address. For example, on my system, a file-request of PGPKEY will give BAK37414.ASC to the requesting system. A magic filename of KEYRING will yield extracts from my Public Keyring as BAKPUB14.ASC. This will avoid duplicate overwriting and make it easier to track the keys. Using standard magic filenames will make it easier to find keys and keyrings on different systems. The PGP and Privacy and encryption related files on each system should be maintained with a magic filename for file request. PGPFILES should be set on all participating systems to allow your current related files to be picked up at any time. It is suggested that the actual filename indicate the origin of the list to avoid confusion and overwriting. PGPFILES requested from this system gets the requestor a file called: PGP37414.LST. The contents of this Echo are archived on 1:374/14 as the area is purged. The current past traffic is in the file PUBKEY.ECO. Archived volumes of past traffic [P_ECHO1.ZIP - P_ECHO99.ZIP for example]. Files on this system are available anytime except 0100-0130 ET and Zone 1 ZMH at 1200-9600+ HST/V32 for FidoNet listed systems only. Request FILES for complete listings. This Echo is currently available on the Zone 1 Backbone. It has been EListed as of ELIST211. Please feel free to announce this Echo in all Nets and Networks. A companion Echo for the purpose of submitting public-keys only is now available as PKEY_DROP Echo. PKEY_DROP may be obtained via the same channels as PUBLIC_KEYS. NOTE: If you lose your secret-key password [or forget it] or your secret-key in a drive crash [because you failed to back it up on floppy], you cannot issue a revocation certificate. In that case, you should make a general announcement in all related Echos that your old key should be disabled using the PGP disable command [PGP -kd userid] for your userid. That keeps your useless key on their keyrings [so they won't be replaced from other lists who didn't get the word] and permits them to add a new key from you without one interfering with the other. Thanks. TTFN. Christopher Baker & GK Pace Moderators -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLp9k18sQPBL4miT5AQEWxAQAtIcGq9X/yrJ0HwjiDxj7hizZhUUBUhIl P+XwkK1ZH8Qb6gR0WEjghqeGuBNmZ7SJDYJ3GRnlggFhCUNpRo/H+6ax8mNWyiM7 PSivGDcQ+/qxHyg4M2Yx5XDeeVJBCmxQLrC2Rt5y0ZYk9WRFfuaL8R369purlpnh 4YxocTXVs28= =WKSH -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 15 Oct 94 01:13:42 Subject: PGP-related filename conventions UpdReq -----BEGIN PGP SIGNED MESSAGE----- [the following are the standard magicnames for various PGP-related files available from participating FidoNet systems. please adjust your magicnames to match those in the list. this will make it much simpler for folks to find PGP-related stuff they need. thanks] the following is the list of standard PGP-related magic filenames that should be used for uniformity by all who provide such files: PGPKEY for your public-key. make the filename distinctive with your Node number or name. mine is BAK37414.ASC. KEYRING for your public-keyring. make the filename distinctive likewise. mine is BAKPUB14.ASC. REVOKE for any key revocation certificates you might issue. mine is BAKREVOK.ASC. PGPFILES for your PGP/privacy/encryption filelist. mine is PGP37414.LST. PGP for the current version of MSDOS PGP executables and docs. PGPSRC for the current version of PGP source files. PGPALL for both executable and source. PGPAMIGA for Amiga version of PGP. PGPATARI for Atari version of PGP. PGPMAC for Macintosh version of PGP. PGPOS2 for OS/2 version of PGP. PGPUNIX for Unix version [if there ever is one] PGPVAX for Vax version [likewise] [send them the source if they request a Unix or VAX version!] if we all use the same conventions, it will be easy for anyone anywhere to file-request just what they want and get what they expect. [grin] thanks. TTFN. Chris p.s. in addition, some of us compiled PEM public-keys for Internet use. those keys and rings are available as: PEMKEY for your PEM public-key PEMRING for you PEM public-keyring C. -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLp9lC8sQPBL4miT5AQGKAgQAlcd09P955YwY4lErrj7ZZNNP+AN5BShM Poi6BuwYrFA6ymfFa1mJebhFRgqwnnHTfAXyXNJ3TLCIXlwagEgR+EZBwgIaDgEp HrDvUJxZNp5es3NktqmiRnPb3CDqTkLhFkFMGy32dPIp7vQ0n8+1meAEBVeUz+1m 1H1VTX4pX8k= =YUPN -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 15 Oct 94 01:14:44 Subject: SecureMail Host Routing system info UpdReq -----BEGIN PGP SIGNED MESSAGE----- The FidoNet (r) SecureMail System 30 Mar 94 Copyright (C) 1994 Jim Cannell [Source: GK Pace, 1993; Christopher Baker, 1994] Introduction: This document describes the SecureMail FidoNet (r) Routing System, its Statement of Purpose, and defines the principles by which it shall be operated. It should be noted that FidoNet is a registered trademark owned by Tom Jennings, used by permission to refer to the FidoNet, a hobbyist network of amateur, independent, interconnected systems (Nodes) providing E-Mail transfer services world-wide. Definition: SecureMail can be defined as a group of FidoNet Sysops who have volunteered to provide an alternative E-Mail routing service within the FidoNet Network. The SecureMail System is a component of the FidoNet Network. SecureMail is NOT an alternative, separate, or distinct network. Statement of Purpose: The primary purpose of Securemail, and reason for its creation is the desire for providing increased privacy in the routing of FidoNet E-Mail. The term privacy as used in the transfer of E-Mail is an arbitrary one. Absolute privacy cannot be expected. The degree of privacy obtained will always be related to the procedure(s), effort used to insure privacy, and should not be expected to be absolute if data is to be communicated from one place to another. Routing of E-Mail, as compared to sending it direct, cannot be expected to have as high of a degree of privacy as might be expected when sending it direct. Those who are engaged in operating the Securemail system do so with the primary goal of insuring that all E-Mail routed thru it be afforded the highest degree of privacy technically possible. Those using the Securemail System can expect to enjoy a higher degree of privacy than other forms of routing, but should not expect absolute privacy. Functional Description: The SecureMail System is a group of individual FidoNet Sysops who have volunteered to work together to provide the SecureMail Routing Service to FidoNet Sysops. This group is organized, but does not have authoritative positions. Each SecureMail Sysop is an independent volunteer furnishing a service. There are no monetary rewards, each Sysop contributes the resources he or she uses to provide the service, including all costs incurred in providing it. The operational structure may appear to have hierarchical order and indeed it does, however such structure implements a routing matrix, not positions of authority. The SecureMail operational philosophy can be described as cooperative autocracy. Each SecureMail Sysop is an independent operator who has volunteered to assume the various responsibilities required of an organized effort. No one is compelled to participate, but participation requires the performance of certain agreed upon functions, standards, and of course interaction as a group. Most of the activities parallel or are incidental to normal FidoNet activities. Routing Hierarchy: The basic routing strategy follows the normal FidoNet pattern of routing thru Zones, Regions, Nets, to Nodes. The difference is that SecureMail traffic is routed thru SecureMail Hosts rather than the FidoNet Hosts. A SecureMail Sysop serving in each position is referred to as a Host. There are functional (not Authoritative) positions such as Zone SecureMail Host (ZSMH) Region SecureMail Host (RSMH) and Net SecureMail Host (NSMH). An International SecureMail Host (ISMH) functions as a central coordinator for this functional hierarchy and maintains the routing lists and this document of intent and mission. Note that at any given time, all positions may not be filled, due to the fact that positions are filled by those who have the means and desire to provide the service of each position. Operational Practices: Each SecureMail Host (SMH) has agreed to route E-Mail (referred to as In-Transit mail) in a manner which provides the highest degree of privacy technically possible. Some variances can be expected, as the technical characteristics of each system differ, however each SecureMail Host strives to provide the best service possible. Specific operational practices include: - In-Transit mail shall not be read. Note that some systems do not provide the ability to restrict a Sysop from viewing In-Transit mail. In such cases the Sysop makes every effort to avoid noticing the content of such E-Mail as they scan thru their message bases. - The content of In-Transit mail shall not be disclosed, or given to anyone but the addressee, except as required for routing thru the SecureMail System. - All SecureMail Hosts agree to route any In-Transit mail they receive. This includes encrypted and clear-signed traffic now refused by some systems in FidoNet. In-Transit mail that cannot be delivered shall be returned to the sender along with a brief explanation of why it could not be delivered. If no local routing via another SMH is available, the mail will be sent directly to its destination by the receiving SMH. - In-Transit mail shall not be censored. Routing of In-Transit mail shall not be refused for any reason even remotely associated to the content of such E-Mail. Note: how could it be if it isn't read in the first place? Avoidance of Liability: Those participating in the SecureMail Routing System do so to provide a service at no cost to those who choose to make use of it. There is no guarantee of performance implied nor accepted by the SecureMail System as an organization, nor by the individuals who voluntarily participate to provide this service. Those who choose to make use of this service should recognize that although we strive to provide the best service possible, we cannot and will not offer any guarantees, nor do we accept any obligation for providing any service, or the performance of any service to a defined standard. Those who provide this service specifically deny any liability for the content of In-Transit E-Mail. Any liability that may apply must rest upon the originator. It is the stated practice of those who participate to provide this service, that In-Transit E-Mail is not read. On that basis, those who participate in the SecureMail Routing System will not have knowledge of the content of In-Transit E-Mail, will not censor, make judgements as to the legality, morality, nor suitability of any In-Transit E-Mail to be routed, before during or after having any contact with it. Those who participate in the SecureMail Routing System do so for the purpose of providing a service to others using the FidoNet E-Mail System. It is specifically denied that such service is supplied for the purpose of promoting, enhancement, implementation, or aiding the accomplishment of any illegal activity. No one participating in the SecureMail Routing System will knowingly allow its use to aid, abet, or otherwise participate in illegal activities, or make use of the SecureMail System for any illegal purpose. Further it is our stated operational practice that we shall not be engaged in viewing In-Transit E-Mail for the purposes of knowing whether or not the content of such could be considered illegal, and specifically deny that we could have any such knowledge. Those engaged in SecureMail Routing are constrained by the ECPA [Electronic Communication Protection Act] and FidoNet Policy in their ultimate handling of In-Transit E-Mail in regard to disclosure. Anyone who supports the goal of E-Mail privacy and who agrees to abide by the standards herein proclaimed, may apply to act as a SecureMail Host Routing System at their own expense and without regard to In-Transit E-Mail content. A list of current SMH Nodes is contained in the file SECUREML.MAP which accompanies this document. Applications may be made via direct Netmail to the ZSMH, RSMH, or NSMH closest to your area. International applications may be sent to the ISMH as listed in the map. Most SMH Nodes are identified by the flags listed above in the FidoNet Nodelist. Any questions regarding the SecureMail Routing System may be directed to any SMH listed Node. A FidoNet Echomail conference for all participating SecureMail Hosts is available as SECUREMAIL from any listed SMH. -30- TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLp9lR8sQPBL4miT5AQHV2wQAjddTj2nsfjT+jsyS6fVUeKnBqAALhN9R vGQ2orbMkLFh7pSAxoKRaLaavb7rFTUzlX6f5RhEWs+c61V8pfACIQzBPgiztEn7 Ztzri7RsGPSEAw6WMVtUWoBvhSLyrVSIv6PG3qixmnIkYqVg7w0kPLzWc+08r5ra BSqnEtPTZUA= =DL5H -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 15 Oct 94 01:15:50 Subject: SMH Routing map UpdReq -----BEGIN PGP SIGNED MESSAGE----- SecureMail Host Systems Zone Sysop Address |--ISMH Jim Cannell 1:216/21 | | |--Z6SMH Open | |--Z5SMH Open | |--Z4SMH Open | |=================================================================== | |--Z1SMH Jim Cannell 1:216/21 | | RSMH Net Sysop Address Flag | |--- 10 Radi Shourbaji 1:143/110 X | | | SMH |-- 102 Dave Lord 1:102/338 | |-- 119 *none at present* | |-- 125 Barry Kapke 1:125/33 X | | |-- 352 John Burrows 1:352/333 X | | | |-- 143 Radi Shourbaji 1:143/110 X | |-- 161 Bill Faust 1:215/228 | | |-- 215 Joe Pye 1:215/25 | | | |-- 202 *none at present* | |-- 203 Lee Dohm 1:203/111 | |-- 205 Zorch Frezberg 1:205/1701 X | |-- 206 Dan Wilson 1:206/2507 X | |-- 207* Dave Sparks 1:207/212 | |-- 210 Steve Garcia 1:210/11 X | |-- 216 Jim Cannell 1:216/21 X | | |--- 11 Jeffrey Oxenreider 1:226/560 | | | |-- 120 Ryan Anderson 1:120/379 | |-- 226 Jeffrey Oxenreider 1:226/560 | |-- 2202 Ryan Anderson 1:120/379 | |-- 2215 Jim Bailey 1:2215/480 | |-- 2240 Ryan Anderson 1:120/379 | |-- 2410 Ryan Anderson 1:120/379 | | |--- 12 Jesse David Hollington 1:225/1 X | | | SMH |-- 167 Frederic Giroux 1:167/535 | |-- 221 Paul Henry 1:221/279 X | |-- 225 Brett Dubroy 1:225/100 X | |-- 252 *none at present* | | |--- 13 Marc Stuart 1:2624/402 X | | | |-- 107 *none at present* | |-- 267 Matthew Landry 1:267/109 | |-- 2613 Jack Mooney 1:2613/108 X | |-- 2624 Marc Stuart 1:2624/402 X | | |--- 14 Jason Buchanan 1:286/702 X | | | SMH |-- 285 Mike Riddle 1:285/27 X | |-- 286 Jason Buchanan 1:286/702 X | |-- 287 Danny Walters 1:287/507 X | |-- 291 *none at present* | |-- 296 *none at present* | | |--- 15 Dave Munhollon 1:128/86 X | | | SMH |-- 114 Allen Borovkoff 1:114/169 | |-- 128 Dave Munhollon 1:128/86 X | |-- 303 Thomas Lange 1:303/5 | |-- 314 Doug Preston 1:314/5 | | |--- 16 Todd Rourke 1:323/110 | | | |-- 323 Todd Rourke 1:323/110 | |-- 325 Frank Perricone 1:325/611 | | |--- 17 Ted Rolle 1:105/36 | | | SMH |-- 105 *none at present* | |-- 340 *none at present* | |-- 346 *none at present* | | | |--- 18 Christopher Baker 1:374/14 X | | [cbak.rights@opus.global.org] | | | |---- 3:800/857 Jackson Harding 3:800/857 X | | | |------- 285 Mike Riddle 1:285/27 X | | | SMH |-- 116 *none at present* | |-- 123 Scott Miller 1:123/416 X | |-- 135 Tom Cropper 1:135/327 [Down] | |-- 135* David Bobo 1:135/110 | |-- 151 James Barrett 1:151/132 X | |-- 360 Stephen Frazier 1:360/23 X | |-- 362 Jack Whaley 1:362/940 X | |-- 365 Chris Britton 1:365/200 X | |-- 366 Rob Buckman 1:366/844 X | |-- 369 *none at present* | |-- 374 GK Pace 1:374/26 X | |-- 375 Tom Jones 1:375/1 X | |-- 378 Sydney Marcus 1:378/10 X | |-- 379 *none at present* | |-- 3608 Michael Smeby 1:3608/3 X | |-- 3647 Gale D. Wilkerson 1:3647/1 X | |-- 3649 Chris Hunter 1:3649/17 X | | |--- 19 Mike Lenker 1:106/1776 X | | | SMH |-- 106 Mike Lenker 1:106/1776 X | |-- 124 Bob Ratliff 1:124/7020 | |-- 130 Dale Hopkins 1:130/908 | |-- 147 Bill Teasley 1:147/3660 X | |-- 170* Jim Watson 1:170/610 | |-- 382 Chuck Haynes 1:382/502 X | | |=================================================================== | | |--Z2SMH Harry Bush 2:51/2 | | | RSMH Net Sysop Address Flag | |--- 50 (Russia) Dmitry Kiselev 2:5026/3 | | | |-- 5022 Dmitry Turevsky 2:5022/8 | SMH |-- 5026 Dmitry Kiselev 2:5026/3 | | |--- 51 (Latvia) Egons Bush 2:5100/8 | | | SMH |-- 5100 Egons Bush 2:5100/8 | | |=================================================================== | |--Z3SMH Jackson Harding 3:800/857 | | RSMH Net Sysop Address Flag | |--- 51 Jackson Harding 3:800/857 | | | |-- 800 Jackson Harding 3:800/857 Note: Those nodes listed with an asterisk "*" are accepting SecureMail for their Nets, but do not currently route mail from their Nets thru SecureMail channels. SecureMail Hosts are identified by the following flags in the FidoNet Nodelist: ISMH - International SecureMail Host ZSMH - Zone SecureMail Host RSMH - Region Securemail Host NSMH - Net Securemail Host SMH - SecureMail participating Node [these flags may or may not be preceded by a U in the Nodelist.] SecureMail Hosts are requested to ask their Local Coordinator for the appropriate UserFlag for their primary Node number. Those currently flying the ?SMH flag in the nodelist are show with an X by their node number. Complete information on the FidoNet SecureMail Host routing system is available by file-request or first-time download as SECUREML.ZIP from the ISMH or any of the RSMH systems. -30- TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLp9licsQPBL4miT5AQGliAP/blB+iqsFENK6Jze6HwcjiEEOfWiwaMbB 943A4hKgr23kFlg+89yj3ilNhyiYaRFgYKn1rh2SPoXUcz7GtArbDG58RYUliYNX T5Ku1SgvCAm4Dlz72JrPyA8V5ZGrR3dugLQJHR8/8qgYHeJ8FK3kn2o+xd2qnZAX bowbPfXSqWc= =qSSz -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Ryan Watson 16 Oct 94 17:31:20 Subject: Re: Re: Howdy All Here's my Spot!!! UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 15 Oct 94, Ryan Watson was quoted as saying: RW> time as any to release my key to the public. RW> -----BEGIN PGP PUBLIC KEY BLOCK----- RW> -----END PGP PUBLIC KEY BLOCK----- please post keys in the PKEY_DROP Echo. thanks. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLqGbq8sQPBL4miT5AQGLnwP9F1wnR9qCuuir6dkaEy3AMWs/JRsin0cp ExSupBHRDah0x5ldof6xxR+R+sJLcRrq0JfgW5MKxB/DsgTfj5DQMEAFvofTcVFr M//4WvTFFlE16Cd8VvmzQDUx6+rM1EP7nS0jiYRtsgGsXVsXdQeYfPojj1kdnJtH cH2XHX7PKoQ= =kHXy -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Brian Ehrler 16 Oct 94 17:35:08 Subject: Re: PGP and Blue Wave UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 15 Oct 94, Brian Ehrler was quoted as saying: BE> Does anyone know where I can FREQ a copy of the program that BE> interfaces PGP with Blue Wave Offline mail reader? PGPBLU30.ZIP for DOS or PBLOS230.ZIP for OS/2 here. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLqGcj8sQPBL4miT5AQE0VAQAkPFiSRMDd4JMsS/xfDJga7zwI18ajMRM iRWrLnfl5idjVLt1RwZ/JN+4kavWJkKIhxBuY6nDLLNc2Pw+wIZm+npIs0ABe+KB tr6bYumMLjHPcRQVFVD7lDvwQlTlzMmH6PL3Nvzt6u8HK+6DniOFU5a6X4OYayc4 4c1nNprh46s= =AEFQ -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: gk pace Area: Public Key Encryption To: Jim Grubs, W8grt 16 Oct 94 18:18:34 Subject: Re: Clear-Signed "Hole" UpdReq In a message dated: 14 Oct 94, you were quoted as saying: JGW> > -----BEGIN PGP SIGNED MESSAGE----- JGW> > In a message dated: 08 Oct 94, you were quoted as JGW> > saying: JGW> > JGW> The MIT version is written by Phil Zimmerman. What the hell more JGW> do you JGW> > JGW> > JGW> want? JGW> > No more than those issued by the Rebel. JGW> Are you saying you think Phil has nothing to do with the MIT version of JGW> PGP? Of course not, that would be an untrue statement. It is equally untrue that Phil has written (all, i/e entire) any of the versions beyond 1.0. He has "supervised" the development efforts of several contributors. The same is true today. -gk 201434369420143436942014343694201434369420143436942014343694718 From: Peter Bradie Area: Public Key Encryption To: Alan Pugh 14 Oct 94 23:39:00 Subject: Bug in pgp signatures UpdReq -=> Quoting Alan Pugh to Jim Cannell <=- AP> how did i do this? simple. the line immediately after the =begin= is AP> not blank even though it appears to be. i inserted a -255, which AP> appears to be a space, but is not. then i added the bogus information AP> to the message. AP> it is a SERIOUS bug. Try decrypting/checking signature with pgp -o and then compare the output with the purported signed cleartext. Don't just check to see if the signature is OK. ... Santayana was right, dammit! ... Blue Wave/QWK v2.10 201434369420143436942014343694201434369420143436942014343694718 From: Shawn K. Quinn Area: Public Key Encryption To: Tony Belding 15 Oct 94 20:39:46 Subject: PGP & headers UpdReq -----BEGIN PGP SIGNED MESSAGE----- *** Quote: Tony Belding to All *** Subject: PGP & headers *** Date: 11 Oct 94 21:37:10 TB> Suppose I am using PGP to encrypt LHA or ZIP compressed files. Those TB> files have a predictable header. Does this make the encryption less TB> secure? If so, to what degree? I would say the impact is most likely negligible. Someone more knowledgable about cryptography might add some further details. - From what I understand, you are at least as likely to get a message cracked if you start all your messages with "Greetings!". SKQ -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLqCERjzG+cClnFb5AQGvXAQAj3hcv3Mp7Rm9TWRpF8mIqGwJfIe7Zgf4 rIkLAC3jhyX6HoqJLMJEF6wLlLSwvlSvYOVmFcxHBiVzJ5CYyu3CL8jRW7ZAmD9D 5mdf8ZIns+jGqMwjMoTxKgBl/M2qDD0QSRlnQ5ANN1WfOkfGfUQnO32Y+h9VAVUS fvW49XLtzFQ= =oC7E -----END PGP SIGNATURE----- ... How do nudists play Flag Football? 201434369420143436942014343694201434369420143436942014343694718 From: Ross Lonstein Area: Public Key Encryption To: John Schofield 17 Oct 94 11:59:00 Subject: There goes more freedom! UpdReq John- I love this! I have Barry's books but don't remember reading this. Great stuff....hope no one spews or spontaneously combusts. :) ROSS 201434369420143436942014343694201434369420143436942014343694718 From: Ryan Anderson Area: Public Key Encryption To: Wes Landaker 12 Oct 94 00:40:46 Subject: Re: New To Pgp UpdReq -=> Quoting Wes Landaker to Brad Stiles <=- WL> Of course, I run it a bit differently, as I have written a fairly WL> complex REXX command script that handles everything for me under OS/2, WL> and gives me the choices of encrypting to multiple people, etc. =) Please post this.. I'm going to try converting it for use with BlueWave, which should get more help PGP get some more use in the echos, and keep things going in the right direction. Ryan ... What To Do When: Your Kender Thief Says "Oops...." 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: Raymond Paquin 9 Oct 94 00:15:00 Subject: RSA Broken UpdReq -=> Quoting Rich Veraa to Raymond Paquin <=- RV> Raymond Paquin wrote in a message to Rich Veraa: RP> However, *THIS MAY CHANGE* (emphasis mine). New factoring RP> algorithms may be discovered that work better on numbers RP> with certain properties than on numbers without them. If RP> so, strong primes may be required once again.... RP> I recommend using strong primes even though they are not RP> necessary to make factoring difficult (my note: with RP> *PUBLISHED* factoring algorithms)...." RP> RP> Please read the last paragraph again and the *last* line in RP> it carefully... RV> Thanks for the update... Actually, I've been compiling my "rv" RV> versions with STRONGPRIMES defined. But am changing over to OS/2 and RV> can't compile for that yet... What is a "strong prime"? Definition, please. Please go into as much detail as you need. ... Way Too Much is Not Nearly Enough. ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718