From: Jeff Trowbridge Area: Public Key Encryption To: Aaron Goldblatt 19 Jan 95 20:37:38 Subject: pgp problems UpdReq On (18 Jan 95) Aaron Goldblatt wrote to Jeff Trowbridge... JT> If I did it right, This will come through with just a pgp sig JT> on it. AG> It had the sig, but I couldn't check it because I don't have your AG> public key. AG> D'Artagnon Hi Aaron, I haven't put out a public key yet. Mainly I followed your advice and the pgp sig turned out like it was supposed to. Right now I'm just using the 512(?) bit key until I get more proficient with pgp. Then I'll do the big key for public consumption. BTW, when you encrypt a file with the ascii armour (.asc extension) is it just as secure as one encrypted by binary (.pgp extension)? Thanks, Jeff 201434369420143436942014343694201434369420143436942014343694718 From: mark lewis Area: Public Key Encryption To: jason carr 19 Jan 95 23:13:50 Subject: KEY REVOKE UpdReq jc> OK, let's try it this way. Here are the steps involved in jc> properly revoking a key and storing the revocation off the jc> pubkey. I will use GOODKEY for the pub key we want to jc> revoke and re-add, and REVKEY for the revocation we want to jc> have handy. did you actually try this? what happened to the revocation on the secret key? THAT is the main question. of course we can always pull a copy of the unrevoked key from somewhere else but we can't really do that with the secret key, unless we have a backup copy somewhere and that, in itself flys in the face of security and the issues involved... )\/(ark # Origin: (1:3634/12) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 147/1077 259/212 382/7 640/217 3611/19 9600/0 9608/0 9609/0 201434369420143436942014343694201434369420143436942014343694718 From: David Chessler Area: Public Key Encryption To: Jim Gorges 19 Jan 95 20:32:00 Subject: Quotes as passphrase UpdReq On 01-13-95 (07:44), Jim Gorges, in a message to All about "QUOTES AS PASSPHRASE", stated the following: JG>I understand why using a literary quotation as a passphrase is a poor >idea. Is it equally bad to use concantated quotes or quotation phrases? >Would the software that searches for passphrases determine such a phrase >is made, say, half from a quote by Shakespeare and half from the US >Constitution? At some point the passphrase can only be attacked by brute force (which may mean rubber hoses on the person who knows the phrase). Generally, two or three *different* quotations, or quotations plus numbers, would be safe, since they would not appear in any lexicon or phrasebook. But the resulting passphrase should be "long enough." I think 30 characters is about the minimum (I've explained my thinking often enough). ___ __ chessler@trinitydc.edu d_)--/d chessler@capaccess.org * SLMR 2.1b * E-mail: ->132 1:109/459 david.chessler@neteast.com 201434369420143436942014343694201434369420143436942014343694718 From: Gordon Campbell Area: Public Key Encryption To: Rich Veraa 19 Jan 95 12:35:08 Subject: Can I Freq Pgp? UpdReq -----BEGIN PGP SIGNED MESSAGE----- On (13 Jan 95) Rich Veraa wrote to Gordon Campbell... RV> Are you sure that's still true? I thought there was something in RV> NAFTA RV> about Canada adopting a whole bunch of US laws, including ITAR. RV> (just asking; I don't know for sure) I'd hazard a guess, no. Adopting another country's ridiculous laws isn't something we're prone to doing. Bringing our own in line, perhaps. Adopting ITAR? Doubtful. I'll check, though. I have a copy of the legislation. Cheers, .....G -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: Help! Help! The paranoids are after me! iQCVAwUBLx6jRpwO1gTQsY8RAQG0BAP8CStQLigCBXnFAAGl0kA6mcydsva9FtBn haI30+DBFKvdTx52uliOWMMcQyNbYLDZcxplTU0vSDM0eOwqIiwTOw00NLBcmyoE 2TEQMBZTSRS41WHs7W6kn85MyWfs2iPZcfWFQGph1PGHPPBgzUpdTi9RwwQALVy8 ARsfLS+kjdw= =XJIw -----END PGP SIGNATURE----- ... Vegetarians eat vegetables. Beware of Humanitarians. 201434369420143436942014343694201434369420143436942014343694718 From: William Hattenhauer Area: Public Key Encryption To: Lawrence Garvin 20 Jan 95 16:59:00 Subject: Re: PGP - !USA distribute UpdReq As for PGP ... persuant to my conversations with the author of same by phone and to subsequent search of the World Wide Web(Internet) and the use of many a C compiler by many a 'non-USA' type person[source code being available to anyone who desires same]. The USA Govt. is in the poor enforcment position of tring to restrict access to PGP when it is already posted world wide. .As for crypt that process is NOT available 'world wide', in source or in binary for any system. And SCO is well within the law as well as (C) law to do as it does. To maintain the export licence they MUST strip any encription program from UNIX(generic). $$ is $$. .PGP not being sold for $ violates no patent [that math can be patented astounds this sender], and as the source is VERY PUBLICLY distributed and very tough for USA Govt. to coverup/restrict/classify/... .I think if we checked a few Founding Fathers notes/laws we would find that the government 'OF THE PEOPLE...FOR THE PEOPLE' may be stepping on it's @@@@ trying to restrict encryped comm anyway!! .DO YOU MAIL ALL YOUR MAIL ON A POSTCARD? .To Much Said ... Security, confine Ensign Garvin to the brig. ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: William Hattenhauer Area: Public Key Encryption To: Jim Bell 20 Jan 95 16:59:00 Subject: Re: PGP Forever !!! UpdReq AMEN! Never forget! Just who's government is it anyway? What could anyone gain from encripting a message in PGP (that the government can NOT read) that could possibly cause them to REACT as they are now doing? Answer: a. The Truth! b. Political Incorrect Ideas. c. Unfiltered News. d. Alternative Thought Sources. e. ALL OF THE ABOVE + ... An Armed Society IS a Polite society! R. Heinlian - Live FREE or Die! ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718