From: Christopher Baker Area: Public Key Encryption To: All 1 Jan 95 00:29:14 Subject: PUBLIC_KEYS Echo Guidelines - regular repostUpdReq -----BEGIN PGP SIGNED MESSAGE----- This is the PUBLIC_KEYS Echo. The purpose of the Echo is to provide a place to discuss public-keys for data privacy within FidoNet and elsewhere. We also consider electronic signature possibilities using public-keys and discuss data and software encryption and the various schemes and programs that produce them. This is a technical Echo with very few rules. Those very few rules are: 1. Stay on-topic. Topics of keys and encryption and related privacy and electronic signature issues are welcome. Others are not. 2. No politics [except as it relates to privacy issues] and no religion. 3. No personal attacks, slurs or innuendo. Stick to issues not personalities. 4. No Private flagged messages in Echomail! Encrypted traffic using public-keys is permitted for the exercise so long as it is on-topic. Don't send person-specific encrypted traffic. Such specific traffic belongs in direct Netmail. Encrypted traffic should be in the form of ASCII-armored or personal key encrypted messages that can be read by anyone with PGP 2.6+ and your public-key. Include your public-key in a separate message before sending such test messages in case the other end doesn't have it or make them aware of how to get it from your system. If you just want to post your public-key, use PKEY_DROP Echo. 5. Clear-signed messages are not encrypted and may be used freely in this Echo. 6. This Echo may be traveling around the world so try to be concise. Avoid excessive quoting for one-liner responses. 7. Be aware that Echomail is NOT secure. Don't take anything at face value. 8. The posts in this Echo are the sole responsiblity of the poster. If you need verification, use Netmail. 9. The Moderators will deal with off-topic traffic. Don't respond for them. Links to this Echo will only be curtailed when absolutely necessary so please don't make it necessary. [grin] The Moderators are Christopher Baker [KeyID: 1024/F89A24F9 1994/05/18] and GK Pace [KeyID: 1024/EE38FB41 1994/05/14] at 1:374/14 and 1:374/26, respectively. It is Gated into Zone 2 by Jens Mueller at 2:24/24 who sends it on to Harry Bush at 2:51/2. Consult Jens or Harry for Zone 2 feeds. The Echo is gated into Zone 3 by Jackson Harding at 3:800/857. [thanks, guys!] The other Zones are open [hint, hint]. It is recommended that individual, public-keys be made available via Netmail or by file-request with the magic filename: PGPKEY and that the public-key provided for that request by given a distinctive filename using part or all of each provider's name and address. For example, on my system, a file-request of PGPKEY will give BAK37414.ASC to the requesting system. A magic filename of KEYRING will yield extracts from my Public Keyring as BAKPUB14.ASC. This will avoid duplicate overwriting and make it easier to track the keys. Using standard magic filenames will make it easier to find keys and keyrings on different systems. The PGP and Privacy and encryption related files on each system should be maintained with a magic filename for file request. PGPFILES should be set on all participating systems to allow your current related files to be picked up at any time. It is suggested that the actual filename indicate the origin of the list to avoid confusion and overwriting. PGPFILES requested from this system gets the requestor a file called: PGP37414.LST. The contents of this Echo are archived on 1:374/14 as the area is purged. The current past traffic is in the file PUBKEY.ECO. Archives are no longer kept. This Echo is currently available on the Zone 1 Backbone. It has been EListed as of ELIST211. Please feel free to announce this Echo in all Nets and Networks. A companion Echo for the purpose of submitting public-keys only is now available as PKEY_DROP Echo. PKEY_DROP may be obtained via the same channels as PUBLIC_KEYS. NOTE: If you lose your secret-key password [or forget it] or your secret-key in a drive crash [because you failed to back it up on floppy], you cannot issue a revocation certificate. In that case, you should make a general announcement in all related Echos that your old key should be disabled using the PGP disable command [PGP -kd userid] for your userid. That keeps your useless key on their keyrings [so they won't be replaced from other lists who didn't get the word] and permits them to add a new key from you without one interfering with the other. BACKUP! BACKUP! BACKUP! [clear?] [grin] Thanks. TTFN. Christopher Baker & GK Pace Moderators -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwY9sMsQPBL4miT5AQHiGwP/dHDEoeZSNe20NMCPgD82xQu9KVI/QQCs O5VTbzQg9m9OnMRxsC2tHEQ9yn04zeeYygnuZzaoqOJ948NXhf4DwP5lcywiLxXw ecYEVsrkb9ooNNu7iLjN0D0zK58vTSCbQe+x68BVZEzzksjX1hKQu8p/T5dxCTuY qRKso1OvMDc= =68B4 -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Jan 95 00:30:06 Subject: PGP-related filename conventions in FidoNetUpdReq -----BEGIN PGP SIGNED MESSAGE----- [the following are the standard magicnames for various PGP-related files available from participating FidoNet systems. please adjust your magicnames to match those in the list. this will make it much simpler for folks to find PGP-related stuff they need. thanks] the following is the list of standard PGP-related magic filenames that should be used for uniformity by all who provide such files: PGPKEY for your public-key. make the filename distinctive with your Node number or name. mine is BAK37414.ASC. KEYRING for your public-keyring. make the filename distinctive likewise. mine is BAKPUB14.ASC. REVOKE for any key revocation certificates you might issue. mine is BAKREVOK.ASC. PGPFILES for your PGP/privacy/encryption filelist. mine is PGP37414.LST. PGP for the current version of MSDOS PGP executables and docs. PGPSRC for the current version of PGP source files. PGPALL for both executable and source. PGPAMIGA for Amiga version of PGP. PGPATARI for Atari version of PGP. PGPMAC for Macintosh version of PGP. PGPOS2 for OS/2 version of PGP. PGPUNIX for Unix version [if there ever is one] PGPVAX for Vax version [likewise] [send them the source if they request a Unix or VAX version!] if we all use the same conventions, it will be easy for anyone anywhere to file-request just what they want and get what they expect. [grin] thanks. TTFN. Chris p.s. in addition, some of us compiled PEM public-keys for Internet use. those keys and rings are available as: PEMKEY for your PEM public-key PEMRING for you PEM public-keyring C. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwY94csQPBL4miT5AQGvqgP/R8jLqhDRx8okyOuXtzHj+NmqaESmCxDF s8mzqqYszaGmD/weL9NAYAlsGyn2GL+6FJPhXTPYTcjPNkfT8WxiaA3mS4jvF6Dk yvMQJhjkYTWPQVDfQk5h1ZQbzTJQRNVQr/6lFuSYutMxgMSoRWGHFxI6AlFmdnAp krjj02kGV58= =2BYt -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 1 Jan 95 00:31:32 Subject: SecureMail Host Routing System info UpdReq -----BEGIN PGP SIGNED MESSAGE----- The FidoNet (r) SecureMail System 30 Mar 94 Copyright (C) 1994 Jim Cannell [Source: GK Pace, 1993; Christopher Baker, 1994] Introduction: This document describes the SecureMail FidoNet (r) Routing System, its Statement of Purpose, and defines the principles by which it shall be operated. It should be noted that FidoNet is a registered trademark owned by Tom Jennings, used by permission to refer to the FidoNet, a hobbyist network of amateur, independent, interconnected systems (Nodes) providing E-Mail transfer services world-wide. Definition: SecureMail can be defined as a group of FidoNet Sysops who have volunteered to provide an alternative E-Mail routing service within the FidoNet Network. The SecureMail System is a component of the FidoNet Network. SecureMail is NOT an alternative, separate, or distinct network. Statement of Purpose: The primary purpose of Securemail, and reason for its creation is the desire for providing increased privacy in the routing of FidoNet E-Mail. The term privacy as used in the transfer of E-Mail is an arbitrary one. Absolute privacy cannot be expected. The degree of privacy obtained will always be related to the procedure(s), effort used to insure privacy, and should not be expected to be absolute if data is to be communicated from one place to another. Routing of E-Mail, as compared to sending it direct, cannot be expected to have as high of a degree of privacy as might be expected when sending it direct. Those who are engaged in operating the Securemail system do so with the primary goal of insuring that all E-Mail routed thru it be afforded the highest degree of privacy technically possible. Those using the Securemail System can expect to enjoy a higher degree of privacy than other forms of routing, but should not expect absolute privacy. Functional Description: The SecureMail System is a group of individual FidoNet Sysops who have volunteered to work together to provide the SecureMail Routing Service to FidoNet Sysops. This group is organized, but does not have authoritative positions. Each SecureMail Sysop is an independent volunteer furnishing a service. There are no monetary rewards, each Sysop contributes the resources he or she uses to provide the service, including all costs incurred in providing it. The operational structure may appear to have hierarchical order and indeed it does, however such structure implements a routing matrix, not positions of authority. The SecureMail operational philosophy can be described as cooperative autocracy. Each SecureMail Sysop is an independent operator who has volunteered to assume the various responsibilities required of an organized effort. No one is compelled to participate, but participation requires the performance of certain agreed upon functions, standards, and of course interaction as a group. Most of the activities parallel or are incidental to normal FidoNet activities. Routing Hierarchy: The basic routing strategy follows the normal FidoNet pattern of routing thru Zones, Regions, Nets, to Nodes. The difference is that SecureMail traffic is routed thru SecureMail Hosts rather than the FidoNet Hosts. A SecureMail Sysop serving in each position is referred to as a Host. There are functional (not Authoritative) positions such as Zone SecureMail Host (ZSMH) Region SecureMail Host (RSMH) and Net SecureMail Host (NSMH). An International SecureMail Host (ISMH) functions as a central coordinator for this functional hierarchy and maintains the routing lists and this document of intent and mission. Note that at any given time, all positions may not be filled, due to the fact that positions are filled by those who have the means and desire to provide the service of each position. Operational Practices: Each SecureMail Host (SMH) has agreed to route E-Mail (referred to as In-Transit mail) in a manner which provides the highest degree of privacy technically possible. Some variances can be expected, as the technical characteristics of each system differ, however each SecureMail Host strives to provide the best service possible. Specific operational practices include: - In-Transit mail shall not be read. Note that some systems do not provide the ability to restrict a Sysop from viewing In-Transit mail. In such cases the Sysop makes every effort to avoid noticing the content of such E-Mail as they scan thru their message bases. - The content of In-Transit mail shall not be disclosed, or given to anyone but the addressee, except as required for routing thru the SecureMail System. - All SecureMail Hosts agree to route any In-Transit mail they receive. This includes encrypted and clear-signed traffic now refused by some systems in FidoNet. In-Transit mail that cannot be delivered shall be returned to the sender along with a brief explanation of why it could not be delivered. If no local routing via another SMH is available, the mail will be sent directly to its destination by the receiving SMH. - In-Transit mail shall not be censored. Routing of In-Transit mail shall not be refused for any reason even remotely associated to the content of such E-Mail. Note: how could it be if it isn't read in the first place? Avoidance of Liability: Those participating in the SecureMail Routing System do so to provide a service at no cost to those who choose to make use of it. There is no guarantee of performance implied nor accepted by the SecureMail System as an organization, nor by the individuals who voluntarily participate to provide this service. Those who choose to make use of this service should recognize that although we strive to provide the best service possible, we cannot and will not offer any guarantees, nor do we accept any obligation for providing any service, or the performance of any service to a defined standard. Those who provide this service specifically deny any liability for the content of In-Transit E-Mail. Any liability that may apply must rest upon the originator. It is the stated practice of those who participate to provide this service, that In-Transit E-Mail is not read. On that basis, those who participate in the SecureMail Routing System will not have knowledge of the content of In-Transit E-Mail, will not censor, make judgements as to the legality, morality, nor suitability of any In-Transit E-Mail to be routed, before during or after having any contact with it. Those who participate in the SecureMail Routing System do so for the purpose of providing a service to others using the FidoNet E-Mail System. It is specifically denied that such service is supplied for the purpose of promoting, enhancement, implementation, or aiding the accomplishment of any illegal activity. No one participating in the SecureMail Routing System will knowingly allow its use to aid, abet, or otherwise participate in illegal activities, or make use of the SecureMail System for any illegal purpose. Further it is our stated operational practice that we shall not be engaged in viewing In-Transit E-Mail for the purposes of knowing whether or not the content of such could be considered illegal, and specifically deny that we could have any such knowledge. Those engaged in SecureMail Routing are constrained by the ECPA [Electronic Communication Protection Act] and FidoNet Policy in their ultimate handling of In-Transit E-Mail in regard to disclosure. Anyone who supports the goal of E-Mail privacy and who agrees to abide by the standards herein proclaimed, may apply to act as a SecureMail Host Routing System at their own expense and without regard to In-Transit E-Mail content. A list of current SMH Nodes is contained in the file SECUREML.MAP which accompanies this document. Applications may be made via direct Netmail to the ZSMH, RSMH, or NSMH closest to your area. International applications may be sent to the ISMH as listed in the map. Most SMH Nodes are identified by the flags listed above in the FidoNet Nodelist. Any questions regarding the SecureMail Routing System may be directed to any SMH listed Node. A FidoNet Echomail conference for all participating SecureMail Hosts is available as SECUREMAIL from any listed SMH. -30- TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwY+OMsQPBL4miT5AQGOogQAmqp27rcr+WfgkMRKa58+mORIlQizMVZ9 ovKTUp7iYNwVQ0atyOBHf4KZNz2qTM3lVBLPXLk1SIg8rIOjHfIZx0yGOXkvZjSV Bkbpj2Gy8dMxdvOxrLEnNrk7eVyQrNU0ntoxU78SKW+Z51/ek9zqXE1ffHqGc1Bo FW5q6xytqW8= =P2Qv -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Bill Lambdin Area: Public Key Encryption To: all 1 Jan 95 06:14:10 Subject: my public key UpdReq -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAy7H4IEAAAEEALZ5EiSYD2J3/6SZsriNvl5MTOYf5yN5R1S1caiv7ll+0uzz Ddbh2yKqyYwl50MXu/5hQ1ZS6BVTNfAfpU6mDERBad7cUUNOoEqM2e2TGZRzAexn XaOcORO7aSDarjiCGlzJDzlSRUudmqggKkSVEYEg5zSUTqtUu0sggM2nhQQZAAUR tAxCaWxsIExhbWJkaW6JAJUDBRAu7NVKy6mA+g2NCuUBAb9SA/4mUy0PJqxix7d+ MBb8B4uEbrpzEjeG3aTgXiP3D4cR7qbDiHRDzTDda/T6xMab9l3+wbfMbT9uuAY7 6jK8j4aTRLpCCcOM6GhEl7lOyIEg4y6Acft50CQRXrk4SVRdGR110DMNkongxIaF knS0AvutHcuRbhxPQHkx30E4Q+wyNYkAlQMFEC7Rde2d/psuCaEuwQEBfZED/0ip RGF3wK+Af/vyKx5FePyJujE0FYAItPRoogOqoN/Y3Om2IUa2L7KE7mdVimwOW0Zb ycCrPetz3Ry6yCv2M77oX9/pcLWG3syqAEOPRo9/G8lSRt0GPxDUzDOoqJHvz7+P zvAROMI/LDqhr4gMudDIs4+9THIDT0oogF+RfY4piQCVAwUQLs7KY+g4mQEUGHJd AQFCFAQAy7s3waQ+LVB3oSUVfcTOn55rYFBriLlUERdfvAoXRP8Lfa6+wVvbtYYX KIzMMFUZ+xHlFQqodTjrZC/+0NrdMV9SzT+mu+8rPj+qgOs/t723dvoknOd1zL1k 8hsE51KVicFs3bwgH+4JPjKnDI3Kz7c7YBE58GvdUWCBs2KIfYOJAFUDBRAuybdN mai7s315XakBAURGAfsFnhsy1WK0/BW/h1jpTJzL1W1SP2iZuKMUtCSeQqlhR2Ns Hxno4H2Nx/GB9YAoyjHXDZhxKKYM6THPli8rOZEfiQCVAwUQLstvnjCAIMQGDNzx AQFzrAQAl1Yq3jdStfSW01WPu9Gt1hBa25g19upZ08lMiLEtzbhJPEBA7zfW3Tfg Naue039p+r/6IjYZBlhin3pxQnYnUh0thbDoIORfCcCrcz4PrdxRnQ1nJLMgYHdm p5V5FBZs9jlETUOOXUbJq+1MlQSMdgyjPKAUESXaSrR5EBEDkp2JAHUDBRAuygj0 Vryoft9ybUEBAdB0Av4iYB7uAnWrUfi7JhrgQOPI/wmgQn4sFy3YA2MC7zH0e6sH TU4+xsySkwSS1a/d3if9D73FxZsycNV+5SqfJlWpdjojXy1gv3zpfzopLL7CUQt+ iG6+4zBmxArCf9jNPumJAFUDBRAuyp1HeeA7oZBjC8kBAardAgCUw0O6g9iP0oC7 BIqvfjaf3lm7BCyyR9pVLyUTD6zgSQ63geFiqELVFF2nruUu06rHAoATo894DiST NDbFYFoPiQCVAwUQLsglSx7Yw7N/86kpAQF5vQP/eL8CmX9W6I3UjmuFgkUbrQJn /TSeGmuyIT0Q8ZmM+2MeMnz+DNK1VFxGklwxVC+4JuAfx/zaiGroFmkb1yZqLQGn 36fnZTrOsfXmdrX5ofapjqSpRIsE8EyIgvd87KOsx50OVyT2f9sCMScsXo2wmjhA eVQDj0EjVDve82LjyEOJAJUDBRAuyUj6uCJnKRw6WAEBAeVCBADM9NHH30Dt2jUs cku/AVZ5F+XS3klMb5wtezuKd+7sDZnmkjsuWipRmEQJJFVILjBMYTKtk9K4wGVG I8Ws7lXXjCJzbYhekr7KqMKOuhbQhWSOa5kgbaMr1vhqZZPPHQmiX2dZGnz4Rv5Q u/atCbeP+tCpOfouxDektR9UqOm2e4kAlQMFEC7Iv9fLJWB2lxihdQEBOykD/jze PZFDRT9t4ht7zp+y8eIcXP/sX3d6CvMsac4yakE9zAUK1oBhBC9mKgjHg9FSZl6u 9iozJhusltUPxu+px8TdtAzMwsm8UU230SmwBkWO+FKx3w9IcMEIsX6HbCSjSCB+ u2tn07lZXLL9PTIQ3RToc8loDjckFAiITc7cTvDGiQCVAwUQLskQpQ06bJw29Laz AQGtUQQArLuVv0NKeF2Hn7IyPIvHRV+8wS+QndmU9ZY12l255zButAxafIpifv9l G5RYx7keTWuScIoRRn2/oixhpES1EeQ7NzEjJGiraJsNO/Sp/gmGUi1CfBl78Ey5 ECrrRP+vnqhhHAWrl817cPa2ApHfU38y0UYhVn2o7xKTiZhGgAeJAJUCBRAuyJAA NlaXxjLdmNkBAZMSA/9ZHeqDg7Ojv9gXJP35JyyRpJhVtQomIggS7BmpcXuNhiox iZuqJyxxj4ix7ewy8bea0+3Kh+AR47UfuHn/3A4iGPG5jhIkjJ0T0FGL9Sf8Lnsz MHc5fc91OWJVkWRlDBap9DycM1fJdtTdBUb3z9UVwQiIHMQCzfCpo/rGgqxzEYkA lQMFEC7H4/lLIIDNp4UEGQEBVHwEAJ4a5ek2CP/Sw5hZWEkc50bhH0HdaIWTPBwP DGD4DXaxftna3pVu6MWO7pugy/NEvOSW4cRrDEC0wtDosf9ZmCYUEe97vW9ry6jv THNxMEui1u74LCSWl9sSId7ulOcofkS+yZpAeeBsQOiYnqipM2pifGC7MWNyIANk lh9eVhLAiQCVAwUQLsffMONhWXq6l34rAQGljgP8CVWguA+PNziVt3ielyfxxGGM q3o/P6vRowuxzgVC1+TbVlqYVG7Heic91rdt7PvwecZpttRCEx7bTHBaGy4IjeWm mC8A1UCeNO41bh733oyjw2nW+dDtwO7vKzJ8AiXI2oGwHOL1k+9Jy56HJ77qSts5 UiSRmf1slrc4Gnre/+C0JiAgICAgICAgICAgICA8YmlsbC5sYW1iZGluQHBjb2hp by5jb20+iQCVAgUQLsiQMTZWl8Yy3ZjZAQHj6QP/UeOjpW45MGbXeWa7sl4nchMh nhFITPJPoAcdaF3KqtrYQKOJsnwT9yK7d43q2y0LXIxygCak7gZMFQar6WwOrHDx fUHZ369gU/eaduOuDhNXkToRzemwlEBGBqHcNti4K0I7TiS/iAdwN8KiP3bnxIO4 W/gQA454acq5anHDzOaJAJUDBRAux+f1SyCAzaeFBBkBAS7EA/wK77pFRM+ShuK0 QHfsokUEgV6imCeOtVnNnU6Ip0G4pKYLXD04G/7AwQvy+JbhpHHxHbWSYHFpyMMk qdNO2sTCtVob4y52xWsxjKqM/1y2O6pKfrJAeJvixXjLMK8wUeh1xcv2IzwM6EKP ZM6xVSeSSBvkdIsLv/VzRDX5+fgWHbQfICAgICAgICAgICAgIDxCbGFtYmRpbkBh b2wuY29tPokAlQIFEC7IkGY2VpfGMt2Y2QEBPUQEAJhRlYn3+67c85KvCsL219Vp kmsRnCQOsU/D7YSWuk4BW9FzC4kXLSEap+9ajBm3dQIU9Oi4LOqMm7++4dRwLEiY GJn66ce4JZIbJXlM7CFOK/xXgsYd7Myi1lvQSpqj7MQ+lov801W5e8hSJKlhLYbS ffWwPz+kV+uXVdVSa9pOiQCVAwUQLsfm4ksggM2nhQQZAQGzTQP6A94tZsq7zLzF n2LfIUFYT5P/EMS1s9Ol25vShui416QOBK/uHdBXsaXmnYLSrwsXT/MnV7Y9nDPs a0t1uT+k3+cySC1SjKFUST5bkrnO6Q6ahrJSyIY4crqg9pu0mhUXdVhO3I+0JGqX pzhgWCvtCW2lEuGQZMhDdywyq0x9PcO0HSAgICAgICAgICAgICA8VmZyZWFrQGFv bC5jb20+iQCVAgUQLsiQlzZWl8Yy3ZjZAQGO0gQAyf2WK3XaNnDeqK+qFsOtZsqJ xvz61yBV+vtcclCDWw2Dumw6jM+lVrMYEAfnU+vejgM4u9SafY0HRUL1SaFXctdR LiIpCZ+yv0I53avH3h1RPEssINoK+7x49M7HFaPWKfnn7tn0ZPfXnXFoOu/3A30D JHfW1pHlrsh5pCWqTaCJAJUDBRAux+aXSyCAzaeFBBkBAch6A/4qV7ihAmknx0dP UI1ElgceJ5RspqoxOHTxdWgBtEefbXzJTZz/09Qr2kBm/Z70Xuz8TCXaMnEhg1cz ZfhTWOz4ki8XWKOnNGonvX796kFMHIWD/RK4/dRm2cZdM2yNIEpczdE2wo7akqut DmUdx1z4oLYVvf8BOi2SBIzn7m7AwbQrICAgICAgICAgICAgIDxNZXRhdmVyc2Ug QkJTICg2MDYpIDg0My05MzYzPokAlQIFEC7IkMk2VpfGMt2Y2QEBSR8EAIQvTEqD 2HIxalC8MdMdTsTpY7ifeJD/PJNauzoIYiGbNQhIJVGOd+xejX8ZDlfcqcVN+lbw /I497ZlaLGyTMj6DVltMMOracI7Ojhrjnsdqze4uKI87mCdUgZRyKMq+1qDuT+2z mZVk6VjKF7PvMlLpkrk6tWPGf1Ewy96FSEUliQCVAwUQLsfmcksggM2nhQQZAQH3 PAP/UW4uduATEh8RDYSBngSI9JBiuBjt9SrNxXyRLi+Rbi5xJ0L4jNsPln1KFNPH b45OeyYvtzH32nZjWGiW0kX1FBEQr5wenJK5FvyPqLR4PNXJS9lZot6RdWPwnvJg JcKM5M17iL4Nb1KqcE/Z8Do79UOe2EuzhTULxtJ3+z5t+Sg= =kSbk -----END PGP PUBLIC KEY BLOCK----- Bill 9CCD47F3C765CA33 bill.lambdin@pcohio.com C77D698B260CF808 <-PGP fingerprint codes --- * CMPQwk 1.4 #1255 * FROG'S ALLEY activates the 5th of any month 201434369420143436942014343694201434369420143436942014343694718 From: Bill Lambdin Area: Public Key Encryption To: all 1 Jan 95 06:15:10 Subject: PGP key for Gary Mirkin UpdReq Gary Mirkin asked me to post his public key to this conference. Here is the public key for Gary Mirkin. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAizsaNsAAAEEAMdf7yWhUQGlXxcuEDpuxDioBK6Uy3ptZVTM1Vk37St4Qrq8 V002iIJqb7e1SA4oXThn33ZVoos4GsBMA3iMKj4jRxwl4Nmrzj6CW2RsxLivKzea DH8Uy2+urZIoICw2H4iZ3f+NErC2TdYmPvQ0JU4hvXpyhynXOZ3+my4JoS7BAAUR tBVHYXJ5IE1pcmtpbiwgTUQsIEZBQVCJAJUDBRAvA/AaSyCAzaeFBBkBAXoDA/0Z octLVDCDfpVbESjMB8cUBbGVe3kgNBVEV12r1wisf3i8IDVXIVyyNDB369dU3y/s M+gQ92rrzHk9USjrP3WYOsgKyE3irfFO3wnUOF9x7BvtYRg+b7sqmkMg5Nirz3vI RG75qsMRHzXIeU/8/zOml6XPEp088/4cNNxZ/eKIiIkAlQIFEC8AbSmiaaQcdndX +QEBR90D/Amnmd5+V3bAFEwjL0rRlaGiwzt/D8rc7I30ScB6ZznFyA6Ds+XvzUfi WDS8o/Eg11Yy7WWRi7cCMLPLCdGp2Zai0HxFDX4GyF/sc1OR6GDGlSFnauz+FQR3 yg76vhJyfNwNIBABMw1O414zuObktk0nd0+cSYaPvme6EmiXaFEftB5HYXJ5IE1p cmtpbiA8NzMyMjcsNDAyIG9uIENJJD60IkdhcnkgTWlya2luIDxiYWJ5ZG9jQHBp cGVsaW5lLmNvbT6JAJUDBRAu/qR1SyCAzaeFBBkBAXavA/4saTQ3AUxgImd3fXFX zYFZhUI6SqjrRTpwVNeq3eF2wsNjApCyhy5LLi5BHKinhlJd3tiWNO7aC9m0tWQG GjhqVz0sBYrDU8Ku4N/ALN3aFSrbL4oXRbRgtruWAjG4p8V/zgcbfCXtiA4flkXC bZevjfvHRHxauYX8aJUoiSIvM4kAlQMFEC79sH2d/psuCaEuwQEB4pYEAMVRC7tq 9P7+6w5N34zrY0t5ZVpaSpvGyNab5pcs2uq2DkmkAn2DCkyHD5+hIdFuhqkxQNdK mQXz/JzFxPhvdK5rWXFEgd5fEm4v5s7iMP+ODrcU8FrYGKaUW3wsGeL55KIxPeSc dwLv9SfvVvHKJJxRzbTsR9YwfbvFKrJYlNOTtBRiYWJ5ZG9jQHBpcGVsaW5lLmNv bbQgR2FyeSBNLiBvbiBMSSA8NzMyMjMsNDAyIG9uIENJJD4= =3QPy -----END PGP PUBLIC KEY BLOCK----- Bill 9CCD47F3C765CA33 bill.lambdin@pcohio.com C77D698B260CF808 <-PGP fingerprint codes --- * CMPQwk 1.4 #1255 * Data Watch BBS (919) 419-1602 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: christopher baker 31 Dec 94 15:15:44 Subject: pgp faq UpdReq chris, i just got the lates "where to get pgp" faq from the cypherpunks listserv. would it be appropriate to post here? its about 800 lines. i could break it into 8 ~100 line messages. amp ... Anyone coming for my guns better be prepared to meet god. 201434369420143436942014343694201434369420143436942014343694718 From: Todd Jacobs Area: Public Key Encryption To: Jeff Trowbridge 1 Jan 95 12:03:16 Subject: Re: pgp problems UpdReq Jeff Trowbridge's overdue library book had this message for All scribbled in the margins: JT> But when I try to respond to a post in an echo I save the original JT> message, open the editor to the message, type my response, save it, JT> back to Ppoint, open the editor again, but when I run JT> pgp -sat response.asc I get a completly encrypted message. Do you have the cleartext option set in your config.txt file? If not, try +clearsig on your command line. Todd A. Jacobs SysOp, The Digital Bookshelf 201434369420143436942014343694201434369420143436942014343694718 From: Todd Jacobs Area: Public Key Encryption To: Mark Drew 1 Jan 95 19:16:52 Subject: Re: Problem UpdReq Mark Drew's overdue library book had this message for All scribbled in the margins: MD> I am a recent user of PGP, however, on 3 separate occassions, while MD> using PGP, my computer "losses" the A; drive (the old "drive not MD> ready abort, retry, fail" message). Hot rebooting puts it back MD> right Most likely a hardware problem. Or possibly a memory conflict. it occasionally happens on my system with other programs (not PGP). It's the price one pays for not owning an integrated system. =) Todd A. Jacobs SysOp, The Digital Bookshelf 201434369420143436942014343694201434369420143436942014343694718 From: Alex Vasauskas Area: Public Key Encryption To: Aaron Goldblatt 31 Dec 94 12:53:00 Subject: Re: Can I Freq Pgp? UpdReq AG>There's a CHANGES.DOC file included in PGP262.ZIP which explains the AG>differences. Among other things, a number of formatting changes have AG>been made AG>in a number of places. It's time for v2.3a to die. I understand that PGP 2.6 from MIT is basically a crippled version of 2.3a. Is all of the 2.6 series a continuation of this MIT version? Why is it time for 2.3a to die? AG>It should be available as "PGP" from 1:130/908 (I attached it to Dale AG>yesterday AG>-- hopefully she's put it up by now). As of the date of this message, 1:130/908 was sending the 5/94 MIT version 2.6 in response to PGP. I'll check again in a week or so unless I hear otherwise. Thank you for your help and any additional enlightenment you can give on the PGP versions. Alex 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Shawn McMahon 28 Dec 94 20:09:44 Subject: Re: KEY REVOKE UpdReq -----BEGIN PGP SIGNED MESSAGE----- SM> Or variations on the above. I had a friend who used a variation on SM> the latter to store a copy of his ATM PIN. He put an ex-girlfriend's SM> name in his address book (one he hated, so he wouldn't forget ) and SM> put the local exchange followed by his PIN. 7 digits, looked SM> perfectly legit. I like that idea! BTW, do you have the ex-'s real number... . SM> You should *ONLY* do that if the piece of paper is fairly secure, SM> however; a piece of paper in your desk is *NOT* secure. If you're On my desk it would be secure: no one could fine it! SM> relying on the physical security of your office or bedroom, you might SM> as well use your freakin' name as the password 'cause it'll be that SM> easy to break. I've demonstrated the ease of guessing pwords here at work for my underlings... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLwH93EjhGzlN9lCZAQECMwP8D76dmCSd/6mHaty5OEheapyFjPI5IyQZ t+G9fp1Y8DSNJF+bdSN6ZOoiDhvmt+FXNpPGymmwYUs1GDfF5ZYmgwiIndCLjPeW me6tU0vChbEa9tQuwlRFLnnIC0BzPI2nzW0y0ckYLmFAR4R087sE9CEoTla7Li8N ZrbyQkA8NaI= =Ksli -----END PGP SIGNATURE----- jason ... BW-PGP.BAT / BlueWave 2.12 / PGP 2.6.2 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Mark Drew 1 Jan 95 13:48:42 Subject: Problem UpdReq -----BEGIN PGP SIGNED MESSAGE----- Mark Drew wrote in a message to All: MD> I am a recent user of PGP, however, on 3 separate MD> occassions, while using PGP, my computer "losses" the A; MD> drive (the old "drive not ready abort, retry, fail" MD> message). Hot rebooting puts it back right Is drive A: mentioned in your PATH statement in your AUTOEXEC.BAT? If so, maybe the PC is looking there sometimes, and the drive door is not closed or your floppy is dead (run SCANDISK on the floppy?). If the PC can find the file it's seeking elsewhere, it'd never try to get to A:. But if it's missing elsewhere, it'd try A:, and fail for whatever reason. :\ jason ... Why do good looking Blondes dye their roots black? -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLwcj7EjhGzlN9lCZAQHI9gP+LhVnciuvo8CgMF6L7yqzJ7tahkO7PB6G Z52FURiyjbMwB1ade/Y6Bh4y+Tu+vwZuD5HRLbKCx9NhY0fYFEdFczjc//f9PcfX aBJN2wZt/EoCeFR6U0kDnukHwp0QAZSUaZ4vUtzUCCUjcPR3OupnuvhCX5cudjgZ ZGuEE6G3ZMk= =blkH -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Michael Hagerty 27 Dec 94 10:03:18 Subject: Revoke.bat UpdReq -----BEGIN PGP SIGNED MESSAGE----- Michael Hagerty wrote in a message to Jason Carr: MH> Specifically, when using MH> REVOKE "Michael Patrick Hagerty" MH> what got sent to the command line was MH> PGP -kx "Michael SAVED.KEY" Hmmm... MH> So I used only one name and it worked just fine. I also The Key ID would work well, also (0x[whatever]). MH> generated the revocation certificate as an ASCII file, since Right. MH> my machine's clock ahead and generated the longer keys. I MH> gather that I should now post the extracted .ASC copy of my MH> 2047-bit key to one of the "popular" servers so that it MH> becomes available and usable by my correspondents. Right-o. Although I'm likely not going to make the 2047 jump anytime soon. MH> Is it necessary (or even advisable) to revoke the 1024-bit MH> key at the same time I register the new 2047-bit key? Will I believe PGP will start with the most recently added key to try to decrypt, so the use of two keys might be troublesome. Perhaps, though, PGP looks at the key ID? If so, there would be no mixup. (I'm going to wait till someone =else= wallows through all this before I make the 2047 move.) MH> revoking the key then diminish the trust for keys I had MH> signed with the 1024-bit key? Should I then "remove" the MH> 1024-bit key from my rings? Maybe just keep a copy of the original ring with it on there to decrypt the occasional straggling 1024 post. MH> Does the extracted .ASC copy of my new public key include MH> both the 1024 and the new 2047-bit keys, or just the MH> 2047-bit key? Depends on how you call the command. If you just tell it to extract "jason" (if I were doing it, and had two keys under that name), it would stop at the first match, usually the most recent key. MH> How do I differentiate between them, if I can, when signing MH> a message as both of them have the same User ID? The pass MH> phrase protects the ring and not the key, correct? Key Id, which you can see with the -kv command: ======= pub 1024/F89A24F9 1994/05/18 Christopher Baker <1:374/14@fidonet.org> cbak.rights@opus.global.org pub 1024/4DF65099 1994/07/10 jason carr <1:124/3208@fidonet> ======= Now imagine that the key before mine was not Chris', but rather another key under my same User ID (jason carr). I could refer to the first one as 0xF89A and the second as 0x4DF6. This is explained more completely at the beginning of PGPDOC2.TXT. MH> I have generated a revocation certificate for the 2047-bit MH> key. Will this certificate revoke the 1024-bit key as well MH> or just the bigger key? Whichever one PGP considered a 'match' first. Gotta use the Key IDs, fer sure. This is one of the PITA (pain in the ...) weirdnesses associated with multiple keys. I'm gonna stick with the 1024 until I have time to diddle with my setup... jason ... It's STILL not weird enough for me... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLwBarEjhGzlN9lCZAQGWbQP/V9pQ41BRTFEfPXfC1SFkPgtZaQO25lnw FTAUVDEECngDChQxtT/cD8nFiutSp+jji3pUqsTARkT+AZcCDFAnY6wW5pACuFyL jS1ONCaJJwOZClF0up29w6C5oDU8s/diEOQ4NGJF34YjGaVpLlk+PW5t/0wGo5Bf w+6BZli1JWw= =qSxr -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: Aaron Goldblatt Area: Public Key Encryption To: Alex Vasauskas 1 Jan 95 22:04:50 Subject: Can I Freq Pgp? UpdReq AV> I understand that PGP 2.6 from MIT is basically a crippled AV> version of 2.3a. Is all of the 2.6 series a continuation of this AV> MIT version? Why is it time for 2.3a to die? 2.6 is a fully legal release for noncommercial use in the United States. There is a contention by PKP that PGP v2.3a violates their patent on RSA technology. Aside from that, PGP v2.6 (and later) began, on September 1, 1994, generating slightly different data formats for keys, signatures, and messages. These formats can't be read by v2.3a, although v2.6x can still read the old data formats from v2.3a. As more people start using v2.6.x, you'll find yourself less able to read their keys. AV> As of the date of this message, 1:130/908 was sending the 5/94 AV> MIT version 2.6 in response to PGP. I'll check again in a week AV> or so unless I hear otherwise. That's Dale's problem, then. She can be slow, sometimes. I'll send it to you myself. AV> Thank you for your help and any additional enlightenment you can AV> give on the PGP versions. Consult PGPDOC2.TXT in v2.6.2 for the full explanation of the above. D'Artagnon ... 3. WE made a decision ... 201434369420143436942014343694201434369420143436942014343694718 From: David McIntyre Area: Public Key Encryption To: Jim Grubs, W8GRT 26 Dec 94 06:50:20 Subject: Re: A Good Idea! UpdReq -=> Quoting Jim Grubs, W8GRT to Shawn McMahon <=- > This works for any Internet address. > You can also receive mail from the Internet. Your default address, > assuming you don't make any special arrangements with one of the > gateways, is: > glen.todd@f203.n128.z1.fidonet.org JGW> You forgot to warn him that his only response from JGW> president@whitehouse.gov will be a b......t robot message. Well, if you include a snail-mail address, they will treat it as snail-mail, and send you a paper response, if your message warrants it. ~~~ PGPBLUE 2.0 201434369420143436942014343694201434369420143436942014343694718 From: Lance Culp Area: Public Key Encryption To: All 1 Jan 95 12:20:18 Subject: Zimmerman UpdReq Since I am totally new to this echo, I hope you will excuse my ignorance about the apparent effort by the government to prosecute Zimmerman. I know it's a pain in the rear to go over old ground, but if you could take the time to fill me in on the story, I will send a letter to Clinton, like many of you are already doing. Thanks a bunch. 201434369420143436942014343694201434369420143436942014343694718 From: Joe Eversole Area: Public Key Encryption To: Guy Martin 2 Jan 95 03:04:00 Subject: New Software Release UpdReq * Original message was on HSTONE - HearthStone BBS - Mooresville High School * Original message was in Conference #0200 - Tag Talk GM> How did you get that comment? I want one! And I hate to RTFM! Add: Comment = text to your CONFIG.TXT in your PGP directory. =) Joe Eversole , SysOp - HearthStone Internet: jeversol@iquest.net / PGP Key on Request * RM 1.4 B1371 * What you are, not what you have, is what makes you rich. 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Bill Lambdin 2 Jan 95 20:41:18 Subject: Re: my public key UpdReq * Original Message Dated: 02 Jan 95 20:37:33 * From: Christopher Baker * To: Bill Lambdin * Msg Header modified by: Christopher Baker @ 1:374/14 * Message text was not edited! -----BEGIN PGP SIGNED MESSAGE----- @MSGID: 1:374/14 2F08AA5D @PID: GenMsg 4.21 [0002] In a message dated: 01 Jan 95, Bill Lambdin was quoted as saying: BL> -----BEGIN PGP PUBLIC KEY BLOCK----- BL> Version: 2.6.2 BL> -----END PGP PUBLIC KEY BLOCK----- please post keys only in the PKEY_DROP Echo. thanks. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwirLcsQPBL4miT5AQE6NgQAiZGXnLSp+eZVqIf7rU/ULoe3DooY3q1i 07G+jC5sLrdbO1zjIOBG6NbqW2oq1SCQgDU4zVwk9RTLjUCv9OthI9VRuuJSfQFT QmX2cauCLkVQ6gyFxcNWavmui7uCtkpV4STaBGSKMzGQcplUbjeTlbPp06qj3k4E iy6BLINiZiQ= =EEzb -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Bill Lambdin 2 Jan 95 20:38:16 Subject: Re: PGP key for Gary Mirkin UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 01 Jan 95, Bill Lambdin was quoted as saying: BL> Gary Mirkin asked me to post his public key to this conference. BL> Here is the public key for Gary Mirkin. please post keys in PKEY_DROP Echo only. thanks. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwiqjMsQPBL4miT5AQFYvQP9Fe7qLC/rVgNL+Au028pXrGwuybUWZGc9 WnJkMC+qL3avxdQ/SW1DG2HnMFi6OVkcsQHZvSW2ThEoaWcFp8kMZ9SS8lzcvvRi yzj7ISLJlV9XrSHTI/+wG6WJ9rQM64VQuMPHAheYAcDm6vnL0heE8lvKfQRK/V+/ +a/0arT3WXg= =yxRb -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Alan Pugh 2 Jan 95 20:39:06 Subject: Re: pgp faq UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 31 Dec 94, Alan Pugh was quoted as saying: AP> i just got the lates "where to get pgp" faq from the cypherpunks AP> listserv. would it be appropriate to post here? its about 800 AP> lines. i could break it into 8 ~100 line messages. okay. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLwiqvssQPBL4miT5AQEZPgQAqQ0n65PQ4NtBE76I5JdPbwlgoD/Mjgqn HjPX37+AnRSZvS4IaJraWYVqr5nPU2seSlxawbznI8dHzDV/ko1Fi38XhKuzfvFo VDXQdfaePV8IHpCbmZxcbL4bQ9dJh0WOL2G0X7F3/LYhdTLWZVW5yAi5UKUraXLE h8U4Cf0Z2Fg= =gyM8 -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: prz@acm.org Area: Public Key Encryption To: All 2 Jan 95 21:06:46 Subject: January meeting with Zimmermann's prosecutorUpdReq * Original Message Posted via CYPHERPUNKS * Date: 30 Dec 94 00:06:26 * From: prz@acm.org @ 1:102/825.111 * To: All * Forwarded by: Christopher Baker @ 1:374/14 * Message text was not edited! @MSGID: 1:102/825.111 00032599 @REPLYTO 1:102/825 UUCP @REPLYADDR prz@acm.org @PID GIGO+ sn 154 at borderlin vsn 0.99 pl3 @Sender: quake!toad.com!owner-cypherpunks @Received: from relay2.UU.NET by netcomsv.netcom.com with ESMTP (8.6.4/SMI-4.1) @ id AAA13625; Fri, 30 Dec 1994 00:12:33 -0800 @Received: from toad.com by relay2.UU.NET with SMTP @ id QQxwmi23051; Fri, 30 Dec 1994 03:10:32 -0500 @Received: by toad.com id AA27752; Fri, 30 Dec 94 00:06:43 PST @Received: from ncar.UCAR.EDU by toad.com id AA27746; Fri, 30 Dec 94 00:06:39 PST @Received: from sage.cgd.ucar.EDU by ncar.ucar.EDU (NCAR-local/ NCAR Central Post Office 03/11/93) @ id BAA24166; Fri, 30 Dec 1994 01:07:03 -0700 @Received: from columbine.cgd.ucar.EDU by sage.cgd.ucar.EDU (8.6.4/ NCAR Mail Server 04/10/90) @ id BAA24879; Fri, 30 Dec 1994 01:06:55 -0700 @Received: by columbine.cgd.ucar.EDU (4.1/ NCAR Mail Server 04/10/90) @ id AA22434; Fri, 30 Dec 94 01:07:18 MST Message-Id: @Subject: January meeting with Zimmermann's prosecutor @To: cypherpunks@toad.com (Cypherpunks) Date: Fri, 30 Dec 1994 01:06:26 -0700 (MST) From: Philip Zimmermann @Reply-To: Philip Zimmermann @Content-Type: text @Sender: owner-cypherpunks@toad.com @Precedence: bulk The following is a message from my lawyer, Phil Dubois. He posted it to alt.security.pgp, and I thought I should post it here as well. The message is signed with his key. --Philip Zimmermann -----BEGIN PGP SIGNED MESSAGE----- Phil Zimmermann and his defense team are heartened by the substantial outpouring of support that has been demonstrated through numerous postings in this and other news groups. As we approach a crucial meeting with the prosecutor, it is particularly encouraging to see that many others are willing to devote themselves, both financially and through volunteered time, to Phil's defense. A number of postings have suggested a variety of support activities ranging from petitions to the President to gatherings in San Jose. Phil's lawyers are concerned that some of these activities would not assist in our efforts to protect his legal interests and could in fact hurt. The upcoming meeting with the prosecutor is not a court hearing, but is a private meeting of counsel. Neither Phil nor any judicial official will be present. It will not be a trial or hearing, but a discussion with the Assistant United States Attorney who is handling Phil's case. As such, it is not an appropriate setting for any public demonstrations of support for Phil or for unrestricted dissemination of cryptography. What Phil needs at that meeting is a quiet environment in which serious legal issues can be discussed candidly in an effort to avoid the necessity for any trial. Given the purposes and importance of the meeting, we -- and most especially Phil ZImmermann -- ask that any of his supporters not come to San Jose for any form of public demonstration. We encourage you instead to continue to support Phil's defense by financial contributions. Communications of support to government officials in Washington, DC are also appropriate and helpful. To the extent that effective representation of Phil's interest permits us to communicate with his supporters, we will periodically post announcements to this and other appropriate news groups. Philip L. Dubois Lawyer -----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAwUBLwJTObZ7C+AHeDONAQH1jAP/T6ZMSIAbgjfLliPbDALVMaOkuHBHGdeq ny0KPsZhIz6/K6ate8yr1uF84RtdolHMx73DBpSf6L9H7d3zcPVfy3ArAv44J/kZ jX0y36eCcn9pxhtU+41k9vkSLnGaNdiM5JKpehbRLgP0Gm+dAq0tbGNIXwL0XOEq CKmZXTWj/vs= =4hhB -----END PGP SIGNATURE----- --- @PATH: 102/825 903 374/14 201434369420143436942014343694201434369420143436942014343694718 From: Chris Adams Area: Public Key Encryption To: Alan Pugh 2 Jan 95 21:06:24 Subject: pgp faq UpdReq On (31 Dec 94) Alan Pugh wrote to christopher baker... AP> i just got the lates "where to get pgp" faq from the cypherpunks AP> listserv. would it be appropriate to post here? its about 800 lines. Do you have an email address for the listserver? (Time to test the old Fido<>Internet gateway!) ... That's no moon.....that's a space station. 201434369420143436942014343694201434369420143436942014343694718 From: Lawrence Garvin Area: Public Key Encryption To: All 31 Dec 94 15:04:04 Subject: A Book worth considering... UpdReq * Original message posted in: HCN-HOU. * Crossposted in: HUB_1202, HOUSYSOP, SYSOP, FN_SYSOP, BBSLAW, ALT-106, RBBS_HOU, HCBBS, UNIX, PUBLIC_KEYS. Having just spent some time reading this book, and being quite impressed, as well as being a personal acquaintance of Mr Cavazos, -and- having heard both he and Mr. Morin speak at the October EFH Sysop Liability Seminar, I thought I'd pass along my recommendation to sysops everywhere to consider acquiring a copy of the book. ============================================================================= Cyberspace and the Law Your Rights and Duties in the On-Line World Edward Cavazos and Gavino Morin What legal recourse do you have if someone has read your private e-mail without your consent? Who owns the copyright to the message you just posted on a bulletin board? Can you get into trouble for downloading a sexually explicit file? What legal risks do sysops face, and what can be done about them? These are among the many questions that the authors, both practicing attorneys, address in Cyberspace and the Law. Without resorting to confusing legalese, they presen a clear and concise analysis of legal issues in the anarchic world of cyberspace for members of the on-line world who have little or no legal background. The introduction provides a quick tour of cyberspace (on-line services, bulletin board systems, private systems, and networks) The introduction provides a quick tour of cyberspace (on-line services, bulletin board systems, private systems, and networks) and activities (e-mail, public messaging systems, software exchange, electronic publishing, entertainment, chat, educational and research services, and commercial applications). Cavazos and Morin then take up electronic privacy issues including anonymity and both statutory and common law approaches to protecting private communications (featuring a discussion of Steve Jackson Games v. United States Secret Service); the virtual marketplace of electronic contracts and credit card transactions; copyright law in an uncharted new world; freedom of speech; adult material (digitized images, animated sequences, sexually explicit text, "hot chat"); and cyber-crimes. The major statutes governing on-line activity are included as appendixes. Edward Cavazos (ecavazos@blkbox.com) is an attorney with the Houston law firm of Andrews & Kurth. Gavino Morin (gmorin@slurpee.vt.com) is an attorney with the McAllen, Texas, law firm of Montalvo & Ramirez. Available at major bookstores 220 pp.- 3 illus. $19.95 ISBN 0-262-53123-2 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: Alan Pugh 30 Dec 94 23:56:00 Subject: KEY REVOKE UpdReq ALAN PUGH pounded out random words to BRIAN GIROUX, and it looked something like this: AP> if you've not added any more keys to your ring since, you can save >your 'pubring.pgp' and 'secring.pgp' to another name, then rename >'pubkey.bak' and 'secring.bak' to *.pgp Making the .bak files was going to be my next step :( Brian Giroux True-Tech Computer Supplies * 1st 1.11 #1757 * IPL0006 Mouseman II serial Cdn$78.00 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: Rich Veraa 31 Dec 94 00:05:00 Subject: KEY REVOKE UpdReq RICH VERAA pounded out random words to BRIAN GIROUX, and it looked something like this: RV>Only if you saved a copy of your keyring from _before_ issuing the >revocation; in which case, just replace the newly-created one with the old. Do you mean the ASCII file like this: ~-----BEGIN PGP PUBLIC KEY BLOCK----- ~Version: 2.6a ~~mQCNAi6Ys78AAAEEAOXecpTZ1OmRysmvPax8TL05E5AR0hYTF9UIrNPmlB26AF1K ~eHh8LulSG21sLxLvO+JbMhNFqOr3Irv2qZClNuv/HAjSgg92BuiBe2cLIXlOsPNp ~gT4BDNi53aQoO4CQ/roRMvKh/SznegF0ByZn8JSB4l516vr7Ogk5TLkyA+ttAAUR ~tCRCcmlhbiBHaXJvdXggPDE6MjI1LzMzMEBmaWRvbmV0Lm9yZz6JAJUCBRAumLT6 ~CTlMuTID620BAWqJA/9lWdPVk/fi5X3mBaSepQ0jTCDEXvMWnw0JohyKX+9nRVeZ ~zcI4FxbtZLI5S0g5dbhB6u7eupPDDRmloFDOIftAnsJE4WostnRyN/Gi0UsmbJze ~+sO0CGph06JtPq10OHBeNcae/YxyCogvgLbaGRrqLg9E9B/S6LIjyK22WICSrw== ~=KC4k ~-----END PGP PUBLIC KEY BLOCK----- (I just added the "~" to prevent anyone from adding a bad key to their keyring) Anyway, this is the file that I created on November 7 for the purpose of posting it to the PKEY_DROP echo. Can I just add this key to my keyring to effectively unrevoke the key? Brian Giroux True-Tech Computer Supplies * 1st 1.11 #1757 * ISL0001 Scanman 256 w/Omnipage OCR Cdn$519.00 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: Jason Carr 31 Dec 94 12:34:00 Subject: KEY REVOKE UpdReq JASON CARR pounded out random words to SHAWN MCMAHON, and it looked something like this: JC>Either the person has to have the ability to follow directions closely That's exactly why I messed up. I didn't follow directions *closely*. The directions that I was following was a "How to issue a key revocation certificate" type of post in this echo. The poster had a lot of "copy *.pgp *.XXX" and "copy *.pgp *.YYY" and some other weird stuff like that. There were no explanations as to why the step was important, so I just skipped the stuff that looked to weird to me. After I made my mistake, I looked at the directions again, and then I understood why each step was important. Too late then though :( JC>(ie "Extract a copy of your key =first=") or be able to think ahead. Yeah. I did that back in November to post my public key in the PKEY_DROP echo. Am I saved? JC>this show weaknesses in the chain: someone who would accidentally and >irretrievably revoke their own key might also make other errors in No, no, no. I never make mistakes! ;) Brian Giroux True-Tech Computer Supplies * 1st 1.11 #1757 * WRE00001 Autodesk Home Series:Bath/Kitchen Cdn$65.00 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: Prz@acm.org 31 Dec 94 12:58:00 Subject: Name that phone UpdReq PZ>I'm trying to come up with a name for the secure phone software I'm >planning on releasing. The software would turn any multimedia PC >into a secure phone. How about "Pretty Good Phone Privacy (PGPP)"? Brian Giroux True-Tech Computer Supplies * 1st 1.11 #1757 * WRE00002 Autodesk Home Series:Deck Cdn$65.00 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: Jason Carr 31 Dec 94 13:00:00 Subject: REVOKE.BAT UpdReq JASON CARR pounded out random words to ALL, and it looked something like this: JC>Maybe we should write a little .bat for the newbies to use until they >get more comfy with PGP? Where were you a few weeks ago ;) Brian Giroux True-Tech Computer Supplies * 1st 1.11 #1757 * WRE00004 Autodesk Home Series:Landscape v2.0 Cdn$65.00 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: Michael Johnson 2 Jan 95 20:51:10 Subject: encoding/decoding XX/UU UpdReq MJ>*I've seen a post of a debug script that creates the UUD20.COM file - which is a MJ>*UU-decoder. I'd like this script if I can get it and the program creates debug Look for XXBUG221.ZIP. It will create "DEBUG" scripts that can be decoded with XXDEBUG (a separate program) or the DEBUG that comes with DOS. PC Magazine has a program called SCRIPT.COM that produces DEBUG code, but I've found that the files are much larger than you get with a program like XXBUG. If it's not available on a board near you, check the Bat_Power conference. Do a Zippy scan on your BBS for XX or UU. You might find XX3401, a similar program, though not quite the same. You have to get the one with the executable, as one contains only the Pascal source. It's an interesting way to transmit files. I prefer XX over UU if it's a choice between the two, and PGP -a (armor) over both of those, but it's not widely used outside of PGP folks. * 1st 2.00b #567 * Do not enter message this direction. Severe reader damage! 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: All 2 Jan 95 20:54:10 Subject: 2047-bit key UpdReq I've just created a 2047-bit key. I've got a 1024-bit key on my ring as well. Can I now add my key from 2.3a to that ring and decrypt all those files I encrypted for secrecy? I had been decrypting them on another computer, copying them to floppy then to this computer, and re-encrypting them with 2.6.2. Seems to me as if I'm doing an extra step that is not needed. I've got some irreplaceable files that I don't want to lose. * 1st 2.00b #567 * Bill Clinton drank a beer once, but he didn't swallow any. 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: David Chessler 2 Jan 95 21:00:10 Subject: Re: key revoke UpdReq DC>*have a phone number which you will never forget, but which can't be easily DC>*traced to you? Perhaps your father's work phone 10 years ago? Perhaps your DC>*library card number, from before they went to the system with barcodes? Missouri has gone to using SSNs as the license number, but up until then, the format was LLNN-NNNN-NNNN-NNNN (L=letter, N=Number). Since my father and I have the same name, we each had five Ns on the end. I would consider that to be a fairly secure pass phrase, though it's not the one I use because it would be too obvious to anyone who remembers the old license method. Still, it has 19 characters, and there are an atrociously large number of permutations below that. I'd guess that most people choose a simple one, somewhere from 5 to 10 places. It probably stems from picking a BBS password. Mine is considerably more than that, although it's nothing like "Now is the time for all good men". I feel fairly secure in the 25-30 place range, heh. * 1st 2.00b #567 * Incorrigible punster. Do not incorrige. 201434369420143436942014343694201434369420143436942014343694718 From: Michel Bertler Area: Public Key Encryption To: Jeff Trowbridge 2 Jan 95 13:39:00 Subject: pgp problems UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Jeff! 30 Dec 94 09:49, Jeff Trowbridge wrote to all: JT> But when I try to respond to a post in an echo I save the JT> original message, open the editor to the message, type my JT> response, save it, back to Ppoint, open the editor again, but JT> when I run pgp -sat response.asc I get a completly encrypted ^^^ ^^^ JT> message. JT> Does anyone know why it does this? Seems like you're resigning it! Usually a .ASC file has already been processed by PGP, you don't need to repeat this procedure. To decrypt a .ASC file, simply put it this way: pgp filename.asc That's all! Michel - --- GoldED 2.42.G0615+ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLwhJ9yS7hDvuVNVxAQHw9AP+P+Q0S5hTbvrhFQ47Rdzm0kWM0LMPRFsp pALrCpT8txARcgdK7yRv3Mghek1mVT586kaeyCm2p/3b4wZIne1gWWWEXYQiaI1B pnbh/kHYd+FDSA9JI0mMmhh5ME+mc55v6aU/OndawVttle1t71A4EVsZik/AgmgI EPJvvCQCRAU= =KcBX -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Glen Todd Area: Public Key Encryption To: All 3 Jan 95 12:39:00 Subject: Technical questions UpdReq -----BEGIN PGP SIGNED MESSAGE----- Greetings, all. I have a couple of questions that I can't seem to find the answers to in the PGP docs. First, what are the meanings of the exit codes (errorlevels) returned by the PGP executable. Second, is it possible to instruct PGP to verify not only that a file contains a valid signature, but that that signature matches a particular key ID? Thanks muchly. Ves thu heil und Gut Jul, // Glen PGP F2F935C1 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBLwmZrEsDfAvy+TXBAQENLQf+PJFCGCEEXw565BJpYt6wQVGmhZcw0bZO C52C0O3imbFXa+EC5HFLWNWR9u5U0NHXzhXlGkLQIu2D7n4k+fZgPtwV0d00u8xh g+qeT2nFXtcEWZaQxJcCTnMdVAaJFpBWZjox4rwicENRuMjaMyw2d5MM8K8hCRv+ E9/K6HDYCBYn5ioTfYeegsM8BQBAurLEsHmDvu7/wKovRqbT8hmG0W5akrnjZmZH XD+v5IpMw+X1IF0hrEyeh3dySYSqr9YoWeWmn5AcHgKqNYBVD3HmEeCoNj5guGT+ MXwqvJDuq9YOqEz5dEGUUzJd3duwMWLYrdZXY82dTsedHDAa2e6G7A== =nvgs -----END PGP SIGNATURE----- ~~~ PGPBLUE 2.5 ... OS/2? What's that? Half of an Operating System? 201434369420143436942014343694201434369420143436942014343694718 From: David Rye Area: Public Key Encryption To: Geoff Gowey 3 Jan 95 14:55:14 Subject: GoldED/2 and PGP/2 UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Geoff... Friday December 30 1994, Geoff Gowey wrote to All: GG> Gotta question here. I'm trying to rig my GoldED/2 to use PGP/2. I'm GG> not sure if it works, but here's what I do: 1.) I del my origin line GG> (GoldED/2 automatically appends it to the end of the message anyway) 2.) GG> I press the F9 key which runs a CMD file (OS/2's ver of a batch file) GG> that does the following: I have no problem running golded/2 and pgp/2. Here are the appropiate lines from my golded.cfg ELSEIF OS/2 EXTERNUTIL 1 c:\bink2\golded2\test.cmd @file "@dname" "@oname" EXTERNUTIL 2 c:\pgp\pgp32.exe +force -ea @file "@dname" -u "@oname" -o @file EXTERNUTIL 3 c:\pgp\pgp32.exe +force @file -o @file EXTERNUTIL 4 c:\pgp\pgp32.exe +force -sa @file "@dname" -u "@oname" -o @file ENDIF EDITSAVEMENU Yes EDITSAVEUTIL 1 "S PGP Leave as Ascii & Sign the msg" EDITSAVEUTIL 2 "E PGP Encrypt to Recipient" EDITSAVEUTIL 3 "D PGP Decrypt the msg" EDITSAVEUTIL 4 "P PGP Encrypt for Public and Sign" My test.cmd is as follows: @echo off pgp32 +force -sta %1 %2 -u %3 -o david.txt move david.txt %1 I had to use a cmd file to sign a message or else the text would get deleted and I was left with just a signature. It works fine like this. Also in your goldkeys.cfg include the following: ; ------------------------------------------------------------------ ; GOLDED KEYBOARD DEFINITION FILE. ; ------------------------------------------------------------------ F11 ExternUtil01 ; Leave as Ascii and Sign F12 ExternUtil02 ; Encrypt to Recipient ^F11 ExternUtil03 ; Decrypt the msg ^F12 ExternUtil04 ; Encrypt for Public and Sign L8er Dave dr94cb@badger.ac.brocku.ca Team OS/2 ... A lie in time saves nine. - --- GoldED/2 2.50.B1006+ -----BEGIN PGP SIGNATURE----- Version: 2.6.1 Comment: dr94cb@badger.ac.brocku.ca iQCVAwUBLwmt+WABZnP6BSBBAQG9tQQAhE8duS4T3qG+kRd9llkz9bNaJaDGTc2L oqoJj9/TVUbAqq4RN4dyrfoa+k4Rcn3jdvD+6Qc3AlIE/e8uPClYFy0Fz20SV26+ sCYzuiyRQ0Tsdnye3IesePWi2DksNdxnufCLjVAfZiPAq6jWH4VKmFldhNvkPItJ T0PW7dhNN4E= =Dtkq -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718