From: Wes Perkhiser Area: Public Key Encryption To: Shawn McMahon 11 Jan 95 05:29:00 Subject: Re: 2047-bit keys UpdReq In a message of , Shawn McMahon (1:19/34@fidonet.org) writes: SM>Despite the stern warnings of the tribal elders, Richard Dale SM>said this to Jerome Greene: RD> Everyone. Everyone should be able to decrypt it if I have done RD> it right. SM>If you indeed encrypted it to everyone, it would create a message SM>of infinite length. SM>(Well, not really, since there aren't an infinite number of SM>possible keys, but I think I've made my point.) SM>Do you mean to say that instead of encrypting it with someone's SM>public key, you encrypted it with your secret key? Try running PGP on it -- it looks to me like he somehow managed to get PGP to compress and ASCII armour it, with neither a signature nor any encryption. Could be useful as a replacement for UUEncode, etc. I guess, but seems like a waste of a good program for just that. ;) Wes 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: Shawn Mcmahon 10 Jan 95 18:55:10 Subject: Re: 2047-bit keys UpdReq SM>*Do you mean to say that instead of encrypting it with someone's public key, you SM>*encrypted it with your secret key? No, I encrypted it with the -a switch -- armor code -- that anyone with PGP can decrypt. * 1st 2.00b #567 * Member of P.E.T.A. -- People Eating Tasty Animals 201434369420143436942014343694201434369420143436942014343694718 From: gk pace Area: Public Key Encryption To: John Schofield 12 Jan 95 15:33:12 Subject: Re: Can I Freq Pgp? UpdReq In a message dated: 10 Jan 95, you were quoted as saying: JS> -----BEGIN PGP SIGNED MESSAGE----- JS> --====-- JS> JB> JG> BBS operators can be indicted on criminal charges if somebody JS> from JS> JB> JG> outside the US downloads or FREQs PGP. JS> JB> Who says? Documentation, please. JS> gp> How about Phillip being the target of a US Grand Jury for alledgedly JS> gp> placing PGP upon a medium which "allowed" it to be obtained by someone JS> gp> outside of the US? JS> It's a confusing question. Philip Zimmermann is being investigated by the JS> US JS> Attorney's Office, but he has not been charged with any crime, and it is JS> not JS> known if he will be charged with any crime. If Zimmermann is charged, we JS> should all take a close look at our setups. JS> You need to take all reasonable precautions to ensure that people outside JS> the JS> United States and Canada are not downloading restricted software from your JS> system. However, the crux of the matter is on the definition of JS> reasonable. I agree... my (unconveyed) point was that one should not assume that one would not be harrassed or possibly charged with a criminal offense if they allowed someone from a foriegn country to obtain it from their system. And that one should not spurn the law in this matter. Not being a lawyer, I cannot say with any certainty about circumstances that may or may not have bearing. My definition of reasonable efforts to comply with the law, may not follow those by a US Attorney, and might not prove valuable in a Court. I would assume that the first principal required, would be a stated intent to comply, and to insure that my system is operated to insure compliance. In the event that my efforts failed, I would certainly argue that I had taken reasonable efforts to prevent such. If the prosecution were to produce a document (message) in which I had stated an opinion that the laws were void, did not apply, or that I had an intent to ignore them, my efforts to prove that I had taken reasonable measures would be weak at best. -gk 201434369420143436942014343694201434369420143436942014343694718 From: Armando Ortiz Area: Public Key Encryption To: Marshall Votta 9 Jan 95 18:37:18 Subject: Re: January meeting with UpdReq -> ->pr> -----BEGIN PGP SIGNATURE----- ->pr> Version: 2.7 ->I love being intrigued. ->What's this? Version 2.7 isn't out...at least, not as far as most people are concerned...probably just a hacked version of PGP v2.7... >>> --- * POW 1.2 0052 * Barney is a homosaurus. VQWK 6.20 [Rev H - 04/04/94] 201434369420143436942014343694201434369420143436942014343694718 From: Armando Ortiz Area: Public Key Encryption To: SYSOP 9 Jan 95 18:37:20 Subject: PGP UpdReq -> ->Hello! -> I have been carrying the public key echo for a while, and was ->wondering ->if there is a PGP shell to allow for entering messages online ->with ->Searchlight BBS. Just curious! I'm currently working on something like that, but for Windows. I just need the coding to work with QWK packets using .NDX files like POW does. I have quite a bit of support for the program right now, especially coming from my VB teacher. Give me support like source code for opening QWK's, and I'll include you in the credits... :) Armando Ortiz Solorta Development Teams "Making Windows SAFER...for DECENT people." --- POW 1.2 0052 What part of SHALL NOT BE INFRINGED don't you understand? VQWK 6.20 [Rev H - 04/04/94] 201434369420143436942014343694201434369420143436942014343694718 From: Jeffrey Bloss Area: Public Key Encryption To: Alan Pugh 9 Jan 95 18:50:00 Subject: Where to get PGP 2 UpdReq AP>> limitations on ViaCrypt's RSA distribution license, ViaCrypt only distribu AP>> executable code and documentation for it, but they are working on making P It's a little pricey, but for $950 you can get the ViaCrypt DigiSig+ Software Development Kit - Model K120, that includes capability for RSA public key, DES and DSS. The engine license (if you want to sell your application) is $80 to $20 depending on quantity. FWIW they sell hardware implementations too... DigiSig+ D350 ($625) and D355 ($635) are for parallel and serial ports respectively. And the DigiSig+ D360 ($595) is a cryptographic engine mounted on a PC/XT board that accommodates ISO memory cards for optional external key storage. The cards are $30 a pop. :) jbloss@meadville.com -=- 1:2601/551.0 -=- ->5317 PGP v2.6.2 public encryption key available by request. 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Aaron Goldblatt 10 Jan 95 20:28:52 Subject: Re: Can I Freq Pgp? UpdReq On Thu 5-Jan-1995 11:41p, Aaron Goldblatt wrote: AG> JG> BBS operators can be indicted on criminal charges if somebody AG> JG> from outside the US downloads or FREQs PGP. AG> Like I can control that. You can make a reasonable attempt. Excerpts from my FReq config: [...] NOUNLISTED ALLOWNODE 1:*/*.* LEVEL 1 [...] MAGIC PGPAMIGA udbase1:pdutil/pgp26*.lha LEVEL 1 MAGIC PGPAMIGA udbase1:pdutil/pgp23*.lha [...] DIRECTORY udbase0:uspgp/ LEVEL 1 TITLE US-PGP DIRECTORY udbase0:pgp/ TITLE PGP [...] 201434369420143436942014343694201434369420143436942014343694718 From: Brian McMurry Area: Public Key Encryption To: Chris Adams 10 Jan 95 20:47:02 Subject: Re: pgp faq UpdReq On Mon 2-Jan-1995 9:06p, Chris Adams wrote: CA> Do you have an email address for the listserver? (Time to test the old CA> Fido<>Internet gateway!) The server's name is majordomo@toad.com. "subscribe cypherpunks" in body of message to link. Address posts to cypherpunks@toad.com. 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: All 12 Jan 95 00:16:32 Subject: Electronic Privacy BBS List--ApplicationUpdReq -----BEGIN PGP SIGNED MESSAGE----- Well, it's that time of month again. The list has grown, slightly. Now we're at seven systems listed, one of which is in Europe. However, I have hopes that the list will grow in the future as more of the SysOps interested in this area take advantage of this free advertising and send me their applications. (Hint, hint.) _____________CUT HERE________________________________________________ This is a SysOp application to have your BBS listed in the Electronic Privacy BBS List. The list is maintained by John Schofield, SysOp of the Sprawl BBS. Any BBS with a substantial focus on anonymity, digital cash, electronic privacy, electronic civil liberties, or data encryption is eligible (and encouraged) to submit an entry for the list. It's fine if electronic privacy is not the *primary* focus of your BBS, as long as it is a focus. Please fill out the following information completely. You can return this form by file-attach or routed netmail to Fidonet 1:102/903, send it as private e-mail to the SysOp of the Sprawl BBS at (818) 342-5127, fax it to (818) 342-5127, send it through the Internet to john.schofield@sprawl.expressnet.org, or (last resort) mail it to: P.O. Box 571312 Tarzana, CA 91357-1312 USA If you have any questions, feel free to ask through any of the methods above, or call (818) 345-8640 voice during normal (Pacific Time) business hours. =========================================================================== BBS Name : SysOp's Name (or pseudonym) : Year and month BBS started : BBS Location (City, state and country, *not* mailing address): BBS Phone Number(s): Number of Lines : Modem type(s) : Are 300 or 1200 BPS callers welcome?: Network memberships (include addresses) : BBS Software : Cost (include time and download limits) : Short Description (75-word limit) : =========================================================================== -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLxTkO2j9fvT+ukJdAQF0ZgP/R3TSlKcn83Iv5Vy873RgtbBqwYbwlRMJ OvvIlRBclpNIUr2jrl22r3+fY+oP1xV/m1AtgX2fN9f4P8qK0e//jSe/4qNR1UpP iXoHHhIbXO8g0wZkrv6I6oWwsEREeSnTdNM4cJuHnP3Ea/p0tkX3UdzH5YUkWIUb YC+HvNQkc2M= =u7fh -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... If at first you don't succeed, destroy all evidence that you tried. 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: All 12 Jan 95 00:16:32 Subject: Electronic Privacy BBS List--January EditionUpdReq -----BEGIN PGP SIGNED MESSAGE----- Electronic Privacy BBS List January 1995 Number of systems: 7 This list is intended to provide people interested in encryption, anonymity, and other electronic privacy issues with a comprehensive list of BBS's they can use as resources. Because BBS's are always changing, this list can never be 100% accurate. However, every effort will be made to keep the list up to date. To receive the latest issue of this list, you can do a Fidonet file request from 1:102/903, and request magic name BBSLIST. The list will be updated whenever there are significant changes to it, or roughly once each month. The latest version of the list is always available for download at the Sprawl. The number is (818) 342-5127. The list is organized by area-code and telephone number. Most systems listed have been verified by calling them. The "verified" date is the last time they were called. Bulletin board operation is verified by the list-keeper, but all other information is supplied by the people running the boards, and no attempt is made to verify it. No warranty whatsoever is provided with this information. Use it at your own risk. If you have a BBS that should be added to the list, or information on changes to any of the BBS's on the list, send it to: Fidonet: "John Schofield" at 1:102/903 Internet: john.schofield@sprawl.expressnet.org Fax: (818) 342-5127 Voice: (818) 345-8640 ********************************************************************** -- BLATENT PLUG -- I publish Keep Out magazine, otherwise known as "the journal of electronic privacy." Keep Out focuses on encryption, anonymity, digital cash, steganography, and anything else that can protect your privacy. Instead of telling you about politics or the obscure mathematics behind encryption algorithms, Keep Out talks about the practical methods you can use to protect your privacy. Keep Out was reviewed in the December, 1994 issue of Wired magazine, on page 183. The review states in part that, "it's a good buy for those who want to do something about privacy and not be bothered with the nitty-gritty of algorithms and politics." If you would like one free sample issue of Keep Out, simply send your name and address, and your name will be added to the mailing list. A one-year (six-issue) subscription to Keep Out costs $15. Unfortunately, we cannot accept credit cards, but checks and money orders payable to "Keep Out" are welcome. You can contact us at any of the numbers or addresses listed above, or you can mail your check to Keep Out P.O. Box 571312 Tarzana, CA 91357-1312 USA Thanks very much for your interest in Keep Out and in electronic privacy. John Schofield Publisher, Keep Out ====================================================================== Verified: January 9, 1995 Name : The Penny University SysOp : Jason Carr Age : Since December, 1993 Location: Las Colinas, Texas, USA Number : 214-650-0382 Lines : 1 Modems : 14.4k BPS V.42b Networks: Fidonet ---- 1:124/3208 CIANet ----- 150:151/110 DhYNet ----- 99:817/1 HumaNet ---- 250:214/100 TxoNet ----- 88:214/109 Software: Maximus Cost : Free, 1 hour a day Descrip.: Decent PGP file area. Carries both Fido PGP echoes, and PGP_ECHO, a =full-encryption= echo for the Dallas-FtWorth. Netmail Jason if you want techie details on how to run a conference like this. ====================================================================== Verified: January 8, 1995 Name : Colorado Catacombs BBS SysOp : Mike Johnson Age : Since September, 1991 Location: Longmont, Colorado, USA Number : 303-772-1062 Lines : 2 Modems : Microcom DeskPorte FAST ES 28.8k BPS U. S. Robotics Sportster 14.4k BPS Networks: None Software: Wildcat! 3.90 Cost : Basic access: free; Extended access: $25/year Descrip.: The Colorado Catacombs BBS is one of the main distribution sites for Pretty Good Privacy, Quicrypt, Data Lock, and several other encryption packages. Bible search software and other general interest files can be found here. ====================================================================== Verified: January 9, 1995 Name : Rights On! SysOp : Christopher Baker Age : Since May 18, 1985 Location: Titusville, Florida, USA Number : 407-383-1372 Lines : 1 Modem : USR HST/ds 9600+ BPS Networks: Fidonet ---- 1:374/14 Internet --- cbak.rights@opus.global.org Software: Opus CBCS under D'Bridge 1.58 Cost : Free, 60 minutes a day, no upload requirements Descrip.: Rights On! is dedicated to human rights, privacy, and separation of state and church. All are welcome to contribute to the effort with information and message traffic. This system is the Host and originator of several international Echomail areas such as: A_THEIST, PKEY_DROP, PUBLIC_KEYS, and MENSANS_ONLY. This system was one of the primary movers of PGP ops into FidoNet along with the founder of FidoNet, Tom Jennings. ====================================================================== Verified: January 9, 1995 Name : Black IC SysOp : NetRunner Age : Since August, 1994 Location: Kingston, Ontario, Canada Number : 613-547-6756 Lines : 1 Modem : USR Sportster fax v32bis, v42bis, 14400 BPS Software: Maximus 2.02 Cost : 32MB per day, no ratios, 90 min per day, no cost Descrip.: Here for users' privacy. Not even the sysop reads mail not to him. Use of encryption is encouraged. Private file trading is also encouraged. ANYONE can DL from the file trading area. ENCRYPT IMPORTANT FILES. 24 hour operation. PGP 2.3a online. No real names, no phone numbers, first login downloading is OK ====================================================================== Verified: November 28, 1994 Name : Houston Libertarian BBS SysOp : Mike Lenker Age : Since July, 1992 Location: Houston, Texas, USA Numbers : 713-728-9777 (BBS) 713-728-2199 (BBS and Mailer) Lines : 2 Modems : Maxlite 14.4k BPS Practical Peripherals 14.4k BPS Networks: Fidonet ---- 1:106/1776 Survnet ---- 9:2900/1776 Slacknet --- 10:713/0 and 10:713/1 Software: RBBS-PC Cost : Free Descrip.: Main interest is Libertarian files and echo conferences. Encryption and mail privacy are strong secondary interests. Region 19 SecureMail hub. ====================================================================== Verified: January 9, 1995 Name : The Sprawl SysOp : John Schofield Age : Since May 5, 1993 Location: Tarzana, California, USA Number : 818-342-5127 Lines : 2 Modems : Zoom 14.4k BPS Practical Peripherals 28.8k BPS V.FC Networks: Fidonet ---- 1:102/903 ExpressNet - 11:310/12 Internet --- sprawl.expressnet.org Software: Remote Access 2.02+, Intermail 2.29+ Cost : 30 min/day free; extended access @ $1 per 200 min Descrip.: Home of the Electronic Privacy BBS List. The Sprawl is also the home BBS of Keep Out magazine, the journal of electronic privacy. The Sprawl carries every privacy- and encryption- related Fidonet message area and Internet Newsgroup, as well as the Cypherpunks mailing list. Current and past versions of PGP are available on the first call, as well as many megabytes worth of encryption and privacy files. ====================================================================== Verified: Name : Dynamo Donut SysOp : Johann H. Addicks Age : Since September, 1992 Location: Dortmund, FRG, Germany Number : ++49-231-7261726 Lines : Modems : Networks: Fidonet ---- 2:2444/1 Z-Netz Internet --- bluebocs.donut.ruhr.com Software: NCB-Mail Cost : Basic-Services 5$/month Descrip.: Offering some thousand usenet newsgroups. mail-server for fido-points/zconnect-single user sites + ftn/zc/uucp-gate online-bbs mostly for point-"emergency"-support-purposes. =========================================================================== -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLxTkj2j9fvT+ukJdAQGBJgP/Y4H3OBYA/R6ucszPh707oyj9wsjkn2Nd GXawIYQ5lddr6a0HXeTlAlNNOhKdfeIon1h8BKX2YrAm5/M4jZ0cbGipw1GPADhd GkBpR8ZEnXD7PQ7q9n9C2eTMwg0Cb6Bg+XiiiXn2AEka/INQXquYtcdavX3zyemB 102K0Al5+fg= =+Btg -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... I thought about being born again, but mum said no. 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: Brian Giroux 12 Jan 95 17:44:10 Subject: PGP LEGAL OUTSIDE US? UpdReq BG>*question is this; what is Zone 1? There is a small thread in a local BG>*echo about the legality of PGP, some people are under the impression BG>*that it isn't allowed to leave the US, I'm under the impression that It is illegal to "export" any MIT version of PGP from the U.S., but the source code is available, as is PGP 2.6ui (or some number like that). But -- I have no doubt that the "illegal" versions made it outside the U.S. quicker than they made it to the interior. Export -- hmmmmm. To me, that means I ship it out in trade for something like money or other goods. A profit of some kind, even something as intangible as "good will". Think that would work, your honors? Heh heh. * 1st 2.00b #567 * "Did anyone get the number of that elephant?" -- Tom Foley 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: Scott Miller 12 Jan 95 17:45:10 Subject: Problem generating keys UpdReq SM>*by it were verified. Also, when I view it (-kv) it says 2047 bits. Everyone SM>*elses are 2048, so what am I doing wrong? Key ring: 'd:\pgp262\pubring.pgp' Type bits/keyID Date User ID pub 2047/381F7D89 1994/12/27 Richard Dale * 1st 2.00b #567 * "Pentium is like a box of chocolates." -- Forrest Intel 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Armando Ortiz 14 Jan 95 00:21:04 Subject: PGP versions [Was: Re: January meeting with]UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 09 Jan 95, Armando Ortiz was quoted as saying: AO> Version 2.7 isn't out...at least, not as far as most people are AO> concerned...probably just a hacked version of PGP v2.7... 2.7 is the commercial version of PGP produced by ViaCrypt. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLxdfQ8sQPBL4miT5AQFbQwP9EAlUJDJr15AbTuwLIiiBuE+1QdIVJQcr KlMP6Pkn24LM6zLbj47G1jCF7rSqld5+PQsDLgcAgut2tlxdluE+pk0ojekTxlAp Fa6+ZDuDid3PsmwDhEopTIbgXFa/fn2A8vmQJfz86y8U9zvSye35yzGyTXi/Km3F zfE+h3D58dk= =QQkL -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jim Gorges Area: Public Key Encryption To: All 13 Jan 95 07:44:06 Subject: Quotes as Passphrase UpdReq I understand why using a literary quotation as a passphrase is a poor idea. Is it equally bad to use concantated quotes or quotation phrases? Would the software that searches for passphrases determine such a phrase is made, say, half from a quote by Shakespeare and half from the US Constitution? Jim Internet: Jim.Gorges@oubbs.telecom.uoknor.edu 201434369420143436942014343694201434369420143436942014343694718 From: Jim Grubs Area: Public Key Encryption To: Wes Perkhiser 13 Jan 95 14:51:00 Subject: 2047-bit keys UpdReq > In a message of , Shawn McMahon (1:19/34@fidonet.org) > writes: > SM>Despite the stern warnings of the tribal elders, Richard Dale > SM>said this to Jerome Greene: > RD> Everyone. Everyone should be able to decrypt it if I have done > RD> it right. > SM>If you indeed encrypted it to everyone, it would create a message > SM>of infinite length. > SM>(Well, not really, since there aren't an infinite number of > SM>possible keys, but I think I've made my point.) > SM>Do you mean to say that instead of encrypting it with someone's > SM>public key, you encrypted it with your secret key? > Try running PGP on it -- it looks to me like he somehow managed to get > PGP to compress and ASCII armour it, with neither a signature nor any > encryption. No biggee -- just use PGP -A. In short, PGP just zips it and then does Radix64 with no encryption of any sort. Sincerely, Jim Grubs 201434369420143436942014343694201434369420143436942014343694718