From: jason carr Area: Public Key Encryption To: Basil Hoyl 19 Nov 94 21:07:54 Subject: Lawyer 2/4 UpdReq -----BEGIN PGP SIGNED MESSAGE----- Basil Hoyl wrote in a message to All: BH> determine how much information is enough or too much is to BH> give some BH> thought to the size of an ascii pgp public key file. Mine BH> was about 1700. (now down to less than 800) This also goes I have less than 20 keys on my ring. The people I write to on PGP_ECHO, and the luminaries here in Fido PUBKEY land (Chris Baker, Mr Pace, etc). I haven't the diskspace, LD budget, or patience to adopt every key that comes along. I mean, i think it's silly for =everyone= to have all the keys on the server. BH> As an advertisement, you are absolutely correct. Of course BH> it is useless and pointless to seek money from foreign BH> countries and other states! That does not mean that people BH> in those BH> places would have no reason to communicate with me. I This is one of the stronger points of your position, IMO. If it wasn't an ad then it shouldn't be subjected to ad criteria. If it =was= an ad, then that is another can of worms, since Fido is [generally] unwilling to carry commercial traffic, and the inet is also hostile to it. BH> topics I listed. Why did I choose the form I chose to list BH> these things? First and foremost, I wanted to include "key BH> words" so that if someone had a particular interest and they BH> typed in a key word, my key would appear as an option. Hmmm, I wonder if a keyword list would have attracted less attention? IE, "Keywords: Lawyer law legal texas insurance" etc. BH> change with time and circumstances. I agree that my public BH> key may be offensive or annoying to individuals at this BH> time. If others follow my suggestion that public keys BH> contain in the ID field more information than bare name and BH> address, but BH> actually identify the complete person whose key it is, then BH> while some will always consider it to be bad taste, it might BH> become acceptable to the community at large. Does this make BH> me a pioneer in the field of poor taste? ;) Hmmm, or what about the person who lists an obnoxious or obscene aka in the the additional User ID fields.... :\ jason ... Truth will set you free, but first it will piss you off -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLs7bl0jhGzlN9lCZAQFy1AP+NMhHLTrFgUSpf/1h7bu7EUMpAEyDEHAq snljEFp7dDqaaaQ7+kirYRAl3/Zzg3n+nEc6zcvJ99DL42P6YueaT0W0nBOIXeKq FjdNhNUy4uFqKAGkNZVdWWj2/wEuUjHwRcsXdITyD451wybWyN7o6zgUfCDWb4j8 qHwfgeMfrLE= =ym4j -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Basil Hoyl 19 Nov 94 21:17:10 Subject: Lawyer 3/4 UpdReq -----BEGIN PGP SIGNED MESSAGE----- Basil Hoyl wrote in a message to All: TH> jason carr wrote: TH> jc> I think it's fairly obnoxious TH> ditto. BH> BH> Ok, I do appreciate the statement that "it" was fairly BH> obnoxious rather than my being fairly obnoxious. I do Well, discussions of issues are more productive than _ad hominem_ argument, right? :) BH> conference think about this issue. Is it wrong to include BH> in the ID section of your public key such items as your BH> profession, snail mail address, or reasons why individuals BH> might wish to send messages to you? Should the ID field BH> include key words to topics in which you have expertise? Idea to kick around: what if your AKA on my board was "Attorney-at-law, Safeco," etc etc. That would be an actual aka, an alternate user id. It would be hard to argue with =that= unless it was obsence (and therefore illegal to send across state laws, on or off a common carrier). jason ... 2 + 2 = 5 for extremely large values of 2. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLs7c7kjhGzlN9lCZAQGe1AP+NggzYWMYDmq1q8IEk9fbBwh2zAM0V662 iLaqH9VO4y7ddbQQZ0cfdZFo+x1gpgQMndNwfu2UCrbkuhoryb7trvovgvb7hVY/ XgKZfy6tSWJPDJzOm5p3O3FBOWrca8Gn/vmCULy5MjZmhNJiNLdBDItJ8WsDj12e 8kd4fYPjdgA= =1qBr -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Basil Hoyl 19 Nov 94 21:23:00 Subject: Lawyer 4/4 UpdReq -----BEGIN PGP SIGNED MESSAGE----- Basil Hoyl wrote in a message to All: BH> -----BEGIN PGP PUBLIC KEY BLOCK----- BH> Version: 2.6 BH> hbCBT cGVjaWFsaXphdGlvbg== BH> =mh9j BH> -----END PGP PUBLIC KEY BLOCK----- BH> BH> 1 BH> -----BEGIN PGP MESSAGE----- BH> Version: 2.6 BH> BH> iQCVAwUALsqJNQ2k7RnzbNCRAQFvqwQAvwduwY8SHxZ+vBWlEWqoh+KdSh BH> bqPWL PjZDnW4GaIM= BH> =mtSh BH> -----END PGP MESSAGE----- BH> BH> 2 BH> -----BEGIN PGP MESSAGE----- BH> Version: 2.6 BH> BH> iQCVAwUALsqJgA2k7RnzbNCRAQELegP/UjlTPjdHiFJwoqibuoGWbf8Opu H> rtRVQ 4e32mJcAuag= BH> =uikQ BH> -----END PGP MESSAGE----- BH> BH> 3 BH> -----BEGIN PGP MESSAGE----- BH> Version: 2.6 BH> BH> =1BYh BH> -----END PGP MESSAGE----- BH> BH> If I did this correctly, you should have my public key and BH> signatures for the previous three messages. I would BH> appreciate your comments on these issues. Yikes!!!! Looks like you're doing a =lot= of extra work there. I'd used BlueWave and PGPBLUE for effortless (and neat) encryption and sigs. Takes much less effort on your part. And Chris will likely remind you that blocks go in the sister echo, PKEY_DROP (available on this bbs). You are welcome to experiment (play!) to your heart's content to mess with the concepts. I noticed that you got some real live encrypted stuff in the echo the other day. :) jason ... I've got morals, I just keep misplacing them. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLs7eqEjhGzlN9lCZAQFeLAP8CRat4OQvU6rilYFck6RBZ4v5/q22AEfV n5LfrKOBaxH9LzPu7p4cPemZ6WejL+qwt+mUu1qiyVkr5rS0dktDTOUZaohinmGl yM/87YrpJPLpizvUBXAGYJTqpplA8vAIbUYdW/Ja/aH1yNKCrQKgS5lmZSiSWXbp XaJpWTvMZo4= =aojl -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: David Chessler 19 Nov 94 20:23:10 Subject: Pkzip security UpdReq -----BEGIN PGP SIGNED MESSAGE----- David Chessler wrote in a message to Jason Carr: JC>Do you have any up for FREQ? DC> I am not on any BBS that supports FREQ. I'll snag it from elsewhere, then. Thanks for the info. jason ... Do not expose this tagline to direct sunlight. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLs7PdkjhGzlN9lCZAQHOJgP+MGdZ/UtVrduyKh5dPH6QZW8xK5gQng4b D4MIKopx3ai8hk2CwlIRW6Xb4/3AFyrZKqhYCKVvM08zNK7FVKkQiLM4+iMsUeuX 4rOdIBOfpzkXn/mIx0HRbl526fl+4nbt0D007UUPqIhevv3obA1JIsP0k4BotMHQ ysLBPMDLfog= =tW0/ -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: Basil Hoyl Area: Public Key Encryption To: Explorer@Vorpal.Com 17 Nov 94 19:44:06 Subject: 1:1/31@fidonet.org UpdReq I know it seems a bit hokey on the "to" and "subject" fields, but give an experimenter a break... -----BEGIN PGP SIGNED MESSAGE----- Those of you who have been reading the posts on the fidonet echo may be interested in my discussion today with Michael Graff who operates an internet key server. It is Mr. Graff's belief that if keys are too large, the key servers will not be able to handle the traffic. He voiced another concern that if a key appears too commercial, he would not be comfortable in placing it on a key ring due to patent questions with RSA. He does not believe that the ID fields should be used as a database of information about the knowledge or expertise of the key holder. While I still believe that the ID fields should be used as a database for expertise and that they will be immensely more useful in that regard, I do understand his concerns about RSA and the size of the keys overloading key servers. Accordingly, I send with this post my revocation of the my prior public key and enclose a new public key. The ID field of the new public key is limited to one ID field with name, title, snail mail address, land line numbers and e-mail address as follows: Basil Hoyl Attorney at Law c/o Safeco Land Title 4001 Airport Fwy. Ste. 190, Bedford (DFW) TX 76210 (817) 685-0555 (-0593 fax) This should not be so large as to overload anyone's key as it occupies roughly only 2/3 of one ID field and contains information regarding addresses and communications rather than "spam." [infomercial messages] Since I would like the various individuals who possess my key to know who I am, beyond my name, please allow me to state here that my interests include the law, real estate, matters of family law, criminal procedure and all matters involving litigation [trials]. You can generally find me lurking in the fidonet legal echo area. I hope that this method of introduction is more pleasing to the diverse elements reading this echo. - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAi5d9usAAAEEAOLd4Gb0BCp7/XVgP2LaSe0++ITkJmwnTeHtdK8kOPjaXYu2 fP1zV108eAD0gfI9z18eACxnrIiAadwPCBO+TC9jqPnnTKztM63gPnpPS0digj5N XkdmgSDWCJZujbwB5mGVPUc8q909kYxoaztRxFkJ8ruHB4bKOw2k7RnzbNCRAAUR iQCVAwUgLsv+ZQ2k7RnzbNCRAQGtPQQAgMQoB0SYalqB95DcukAeb62b4AmnBLDM C2GbOrK/iS1kvg0UTAen8qo7nDMjBQAMjCDkDga1GedNLnd5cSoWn1cGN2av/O5T nK9ZiLxIKT1UZbaUd3rj9hkXVFUfGh/6QuK9gxCJd8lwZNFgSjEj7BZEldM5jhZn /Qe4Xgk+mja0VEJhc2lsIEhveWwsIEF0dG9ybmV5IGF0IExhdyAoODE3KSA2ODUt MDU1NTsgbWV0cm8gKDgxNykgMjY3LTQxMTQ7IGZheCAoODE3KSA2ODUtMDU5M7Rw U2FmZWNvIExhbmQgVGl0bGUgT2ZmaWNlIChEYWxsYXMvRnQuV29ydGgpIDQwMDEg QWlycG9ydCBGcnd5LiBTdGUuIDE5MCwgQmVkZm9yZCwgVFggNzYwMjEgIChmZWUg c2NoZWR1bGUgYnkgZmF4KbSTUmVhbCBFc3RhdGUsIEJ1c2luZXNzIExpdGlnYXRp b24sIERpdm9yY2UsIEZhbWlseSwgQ2hpbGQgQ3VzdG9keSwgU3VwcG9ydCwgUGVy c29uYWwgSW5qdXJ5LCBVQ0MsIE5vdCBDZXJ0aWZpZWQsIFRleGFzIEJvYXJkIG9m IExlZ2FsIFNwZWNpYWxpemF0aW9u =VMXf - -----END PGP PUBLIC KEY BLOCK----- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAy7MA2YAAAEEAMbxHy8/IsGlMPiBcYEPIntV89/1HATxe9HLqLNn8DtB2hBe xGz1tETzpkdyVNi+0nNd44TeZ5eJBu/dM1tLoskSVQdDguJtjRSS8MDt6XV4SpSc mp+J207O2c0kfW9bWTk3Xz4jDOmaakyETpVlylvQJOVRpJidZO+5mV4/MoUNAAUR tKhCYXNpbCBIb3lsLCBBdHRvcm5leSBhdCBMYXcgYy9vIFNhZmVjbyBMYW5kIFRp dGxlIDQwMDEgQWlycG9ydCBGd3kuIFN0ZS4gMTkwLCBCZWRmb3JkIChERlcpIFRY IDc2MDIxICg4MTcpIDY4NS0wNTU1ICgtMDU5MyBmYXgpICAgPEJBU0lMLkhPWUxA ZjMyMDgubjEyNC56MS5maWRvbmV0Lm9yZz4= =F0o4 - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLswczu+5mV4/MoUNAQF9TgQApeCSncm0evV9mvkFSt8lMyWnvT81WU/a 0mybNta/BXj1JjRTDy20+P7470zbQ4iRH9o2ehcHN2oWQj158ZXg056mjxPzKduk UuP9S1iT4Ki3JKTjek5DmDD4RD7ms8QeL3k+euXIcBXgHii8WYx+h3SrM/SONIyH 39Ao5w9ExWY= =70Ld -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Basil Hoyl Area: Public Key Encryption To: All 16 Nov 94 14:50:46 Subject: Lawyer 1/4 UpdReq Gentlemen, I posted a public key which stated many things about the type of work I do and the type of expertise I have. I would like to address my concerns and have a bit more discussion on the topic of what may ethically and appropriately be placed into a public key. Jim Gillispie wrote: JG> If you really want to put your key out and let folks , JG> know who you are then write that stuff in the beginning JG> of your message and then attach/import your extracted JG> key into the bottom of the message. You can then . JG> clear sign the message with your key to verify its JG> to add it to their keyring, but it lessens the _size_ of JG> their accuracy Granted clear signing it makes it a little JG> more difficult for someone keyring tremendously.... In JG> the long run though, the only thing that concerns me JG> with someone's key is that it can be verified..... Other JG> than that, Not all people will have the text file associated with the key. Further, if they desire to search their key rings for "dog" or "breeder" it would not disclose those with those special skills or talents if it was simply in a text file. If the information is included in the key, then a search of ID will disclose that item. I think the id field should have some information more than a simple address, perhaps three or four lines of information, but your idea of sending a text file with the key is probably the correct method of approaching this issue. JG> I really don't care _who_ you say you are on a PGP JG> level. If I want to know _who_ you are, I'll initiate a JG> _conversation_ with you to investigate just that. As for JG> putting your e-mail address(es) in that's perfectly fine. JG> Just encapsulate it with "<>" marks on your JG> user-id/alias field. The problem with initiating a conversation to determine who a person is centers on the anonymity of pgp keys and communication. If I would like to communicate with a particular person, I probably already know that person and what I would like to say to that person, and why it must be confidential. If I have a particular need to communicate on a particular topic, and I wish that not everyone have access to the contents of my communication, then the issue is twofold; first that I can find the right person to meet my needs, and second that the person I find is actually that person and not some government agent masquerading as a human. :) If sufficient information is placed in the id section of a public key, then the first of these two criteria is facilitated. The second is still up to the individuals. In other words, if you have a large key ring filled with "John Smith" and "Gaylord Perry" how would you know to whom to write in code in order to learn how to throw a spit ball in major league baseball unless you already knew the person. I suggest that the type of expertise you have should be placed in the id field to further identify the person and demonstrate WHO THAT PERSON IS by identifying the person not only by name but also by expertise, etc... JG> I did pull in your public key to my keyring and it JG> damned near brought my 386DX/33 to its cyber-knees. JG> If you want a good Memory and the limitations of PGP may be a valid concern. I do not know how PGP keeps large public keys in memory. Must the machine have sufficient ram to contain the entire key at one time? If this is the case, then it might be important to keep the id fields small. JG> example of a public key, look at Phil Zimmermann's; JG> it comes with PGP. btw, no appology necessary: we're JG> all learning here . Well, Phil Zimmerman is well known to those who would use PGP, as is Bill Clinton and Mitch Kapor and other celebrity figures. If you were seeking to communicate with cryptologists, I would think that in the living memory of individuals, the name Phil Zimmerman is already identified with cryptology. This is not true for the vast majority of people. Besides, he just started this Frankenstein. It now has a life and a will of its own. John Schofield wrote: JS> First of all, your act was not immoral. However, it was JS> very annoying. I have no qualms with someone putting JS> as their user ID "John Smith (Lisp JS> programmer)" I would have had no problem with you JS> putting "(Tax Lawyer)" after your ID. (I didn't save JS> your key, and I forgot exactly what type oflawyer you JS> are.) In fact, even a short sentance or two about your JS> law practice might have been acceptable (although it JS> would have been mildly annoying). What makes your JS> key so supremely irritating is that you have MORE JS> THAN A SCREEN worth of useless verbiage about your JS> law firm. In fact, you had so much advertising copy in JS> your user IDs that it was hard to find an actual e-mail JS> address in there. 201434369420143436942014343694201434369420143436942014343694718 From: Basil Hoyl Area: Public Key Encryption To: All 16 Nov 94 14:52:28 Subject: Lawyer 2/4 UpdReq Perhaps I included too much information. (for a lawyer to keep information to only one screen of verbiage was to my mind something of a success) :) Perhaps the way to determine how much information is enough or too much is to give some thought to the size of an ascii pgp public key file. Mine was about 1700. (now down to less than 800) This also goes to Mr. Gillispie's concerns about memory problems for large keys. What do you (the reader) think about the maximum size of an ascii pgp public ring? JS> Plus, you were advertising for a Texas-based law firm in JS> a forum that is read all over the world. Worse yet, your JS> key will be added to key-servers located in many JS> different countries. Ninety-nine percent of the people JS> who will see your key have no possible use for you. I JS> have no need for your services. Even if you weren't JS> annoying, I would use As an advertisement, you are absolutely correct. Of course it is useless and pointless to seek money from foreign countries and other states! That does not mean that people in those places would have no reason to communicate with me. I mean, people with Ham radio sets communicate with people all over the world, and they do it for fun. I do have some expertise and the ability to communicate on topics which may be private and might be of interest to individuals in other places. I would be happy to discuss topics relating to law with individuals in Russia or South Africa, and they might not wish their communications to be publicly read! Someone in Miami or New York of Los Angeles might have interesting discussions of the United States Code which they do not wish to have publicized. Lawyers in Louisiana might wish to compare their Napoleonic code with regard to wills or real estate to the common law of Texas without publicly stating their views. Certainly judicial races would be areas where lawyers and others are particularly sensitive about discussing their views in public forums. There could be several reasons why someone might desire to communicate with regard to the topics I listed. Why did I choose the form I chose to list these things? First and foremost, I wanted to include "key words" so that if someone had a particular interest and they typed in a key word, my key would appear as an option. Second, if they had use of my experience, knowledge or services, they could contact me, and if they just wanted to chat, they knew the areas of my expertise and knew what I did for a living. I have a hobby in computers, but I also love the law and enjoy discussions of the law and history. JS> a lawyer in California, where I live. As to your comment JS> about using the ID fields to locate people you wish to JS> communicate with, well... PGP is not a penpal-finding JS> service. I'm interested in backpacking, besides privacy JS> issues--but you don't see me putting that in my user ID. PGP is what we make of it. It is written to allow several ID fields to fully identify the person whose key is listed. I chose to make full use of this ability of the program. You may not choose to use it to find a penpal. If you have private messages to send to people, you can place those persons on your special public key ring. If you are dealing with large key rings containing the keys of numerous people you never met and do not know, why do you have the key ring in the first place? The only reason you should have a ring of that nature is if the individual keys so fully identify the person that you know their name, how trusted the key is, how to contact them, and why you might wish to contact them (their expertise, etc...) Without all these things, what use is such a public key ring? JS> If everyone misused their keys the way you did, all of JS> our keyrings would be bloated beyond belief, and we JS> would be unable to add many keys before receiving "out JS> of memory" errors. Again, perhaps either PGP should be changed to limit the amount of information which can be placed into the ID field, PGP should be written to allow LARGE key rings on machines with a minimum or RAM, or we as a group should debate and consider the size of ASCII public keys which are appropriate for distribution. Shawn McMahon wrote: SM> It was in poor taste. I understand that the community frowns on advertising in general. I did not include prices, etc... but did include areas in which I possess special information. Tastes and mores change with time and circumstances. I agree that my public key may be offensive or annoying to individuals at this time. If others follow my suggestion that public keys contain in the ID field more information than bare name and address, but actually identify the complete person whose key it is, then while some will always consider it to be bad taste, it might become acceptable to the community at large. Does this make me a pioneer in the field of poor taste? ;) 201434369420143436942014343694201434369420143436942014343694718 From: Basil Hoyl Area: Public Key Encryption To: All 16 Nov 94 14:54:16 Subject: Lawyer 3/4 UpdReq SM> I suggest an alternate strategy; just put an indication SM> that you're an attorney, and the phone number of your SM> office. Your present strategy will generate a lot of SM> ill-will with net-heads; and after all, we're the only SM> ones who'll see it. Bad marketing idea. I agree that it is not an idea likely to generate business. Again, you are probably correct that "net-heads" are the ones most likely to encounter my pgp key. I am new to this pgp group. Most of the time when I joined a new group in the past, I am asked to introduce myself, and tell something about who I am and what I do. PGP keys are rather impersonal introductions and if I were in a group where a new individual was asked to introduce himself and he merely stated his name and sat down with nothing further, I would think that person to be cold and rude. Try to think of it as "Howdy." Thomas Hughes wrote: TH> jason carr wrote: TH> jc> I think it's fairly obnoxious TH> ditto. Ok, I do appreciate the statement that "it" was fairly obnoxious rather than my being fairly obnoxious. I do confess to being obnoxious at times, but then I am a lawyer and it is a professional hazard :) TH> jc> What are your thoughts on this? TH> i also think it's a really great excuse to bitch, but that's TH> about it. i also didn't think it formatted very nicely TH> when it printed out. he could have make it narrower, TH> and had multiple pages by including keys of different TH> sizes with seperate pages... I think it is a great excuse to (discuss), but I think that it is important to discuss these matters now. I will not be the only person to explore this area. I will admit that I never was an artist, and that the formatting could have been and still can be improved. My views on what should be in a pgp public key ID field should be clear, and my key is not simply an advertisement, but is the result of a philosophy of the method in which the capabilities of PGP should be used. I would like to hear, good and bad, what others in the conference think about this issue. Is it wrong to include in the ID section of your public key such items as your profession, snail mail address, or reasons why individuals might wish to send messages to you? Should the ID field include key words to topics in which you have expertise? What should be the maximum Permissible size of an ascii armored pgp public key file for distribution? If I offended anyone, I apologize. 201434369420143436942014343694201434369420143436942014343694718 From: Basil Hoyl Area: Public Key Encryption To: All 16 Nov 94 14:55:28 Subject: Lawyer 4/4 UpdReq -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAi5d9usAAAEEAOLd4Gb0BCp7/XVgP2LaSe0++ITkJmwnTeHtdK8kOPjaXYu2 fP1zV108eAD0gfI9z18eACxnrIiAadwPCBO+TC9jqPnnTKztM63gPnpPS0digj5N XkdmgSDWCJZujbwB5mGVPUc8q909kYxoaztRxFkJ8ruHB4bKOw2k7RnzbNCRAAUR tFRCYXNpbCBIb3lsLCBBdHRvcm5leSBhdCBMYXcgKDgxNykgNjg1LTA1NTU7IG1l dHJvICg4MTcpIDI2Ny00MTE0OyBmYXggKDgxNykgNjg1LTA1OTO0cFNhZmVjbyBM YW5kIFRpdGxlIE9mZmljZSAoRGFsbGFzL0Z0LldvcnRoKSA0MDAxIEFpcnBvcnQg RnJ3eS4gU3RlLiAxOTAsIEJlZGZvcmQsIFRYIDc2MDIxICAoZmVlIHNjaGVkdWxl IGJ5IGZheCm0k1JlYWwgRXN0YXRlLCBCdXNpbmVzcyBMaXRpZ2F0aW9uLCBEaXZv cmNlLCBGYW1pbHksIENoaWxkIEN1c3RvZHksIFN1cHBvcnQsIFBlcnNvbmFsIElu anVyeSwgVUNDLCBOb3QgQ2VydGlmaWVkLCBUZXhhcyBCb2FyZCBvZiBMZWdhbCBT cGVjaWFsaXphdGlvbg== =mh9j -----END PGP PUBLIC KEY BLOCK----- 1 -----BEGIN PGP MESSAGE----- Version: 2.6 iQCVAwUALsqJNQ2k7RnzbNCRAQFvqwQAvwduwY8SHxZ+vBWlEWqoh+KdShkUCjF7 n/maybM+1009toXUlXTiv1B0Zmh4vXfzlBZWyHdVbEa+9qzsnzWJL/+Ina7dQwmR DL+BBnxW/Gvu0nDOzccbaIBl3Z1Nj1c/1u1D5qGf0wP4uqoMY3EQPKVuXCybqPWL PjZDnW4GaIM= =mtSh -----END PGP MESSAGE----- 2 -----BEGIN PGP MESSAGE----- Version: 2.6 iQCVAwUALsqJgA2k7RnzbNCRAQELegP/UjlTPjdHiFJwoqibuoGWbf8Opu3BBe5C wB1AYc6ielxC25YUZrjPGxIblDHjelKBUEM/vqTTmGeA7SCdFtSHghSrTBESzvCc xd3je+s6+0oX9C0kVfMv5FbeKjy0pk/9VoNP0rVcRfjSlrQeJBPqz3iuhRjrtRVQ 4e32mJcAuag= =uikQ -----END PGP MESSAGE----- 3 -----BEGIN PGP MESSAGE----- Version: 2.6 iQCVAwUALsqJmw2k7RnzbNCRAQGPKwQAizXWzGi+xF0WxqpcjFOgyRWpdrJ9FJGC KORm/ujjQMekJV66qniZCHFrl6tDY5nAEuLaPklDon/ESNM/qFJAqGNoDsmyg/r/ mDd2kXCHlwjDQS8yDukjwbyVdTO02tSJ1NNgJBu/k3q/RxJC/miyVfKhm4gFYlpn VR8n/N/VtRs= =1BYh -----END PGP MESSAGE----- If I did this correctly, you should have my public key and signatures for the previous three messages. I would appreciate your comments on these issues. I am also interested in whether anyone has a listing of authorities which certify signatures (similar to a notary) as was suggested by Zimmerman in the documentation. Has anyone given any thoughts to the types of contracts and agreements which would be required? 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: Glen Todd 16 Nov 94 06:32:06 Subject: PGP and GoldEd UpdReq Hello Glen! Monday November 14 1994, Glen Todd writes to Wes Landaker: GT>> message containing a PGP signature but no message text. I've GT>> tried various batch file configurations, but haven't been able to GT>> figure out how to pass whitespace-containing user IDs in the GT>> batch files. Any suggestions out there? I am not sure if I understand your dilemma exactly, but if you are trying to get "John Mudge" from your batch file to a text file, use: ECHO John Mudge >> pgp.tmp to do the job. If I missed the question, please give an example and I will try to help. John Mudge jmudge@wln.com 201434369420143436942014343694201434369420143436942014343694718 From: John Mudge Area: Public Key Encryption To: Bill Brown 16 Nov 94 06:37:06 Subject: A proposal... UpdReq Hello Bill! Sunday November 13 1994, Bill Brown writes to John Mudge: JM>> I am at this time going to suggest that we move this to netmail as I JM>> have already been warned on the ZEC echo that echomail related topics JM>> off off-topic :-) and I would hate to have Christopher mad at me JM>> also... BB> I just thought I'd mention I enjoyed reading the proposal, and the BB> subsequent discussion, but certainly am not the moderator here. :) It did BB> seem on-topic to me when I read them, or at least in the same genre as BB> encryption issues. It is up to Christopher, and I suspect that if got too political he might request that we move it. In the meantime I am certainly willing to answer any questions. JM>> For a more direct FSC on encryption, though, see FSC-0073. The JM>> wording is very similar. BB> I'll have to check my uplinks for it. Thanks. I am not sure how widely it has been distributed, but I can make it available here if you wish. John Mudge jmudge@wln.com 201434369420143436942014343694201434369420143436942014343694718 From: Frank Hicinbothem Area: Public Key Encryption To: Scott Mills 19 Nov 94 01:33:02 Subject: PKZIP security UpdReq > PKZCRACK.ZIP contains to programs claiming to crack > them. You can freq it from me I attempted to do so about forty-five minutes ago. Instead of the file, I got one called ABOUT.DOC, which reads: I was unable to fill you file request. Please check the file name and try again. Freq FILES for a list of all the files on the board. 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: Shawn K. Quinn 15 Nov 94 14:23:44 Subject: ECPA and sysop only echos UpdReq -----BEGIN PGP SIGNED MESSAGE----- --====-- SKQ> Does the ECPA apply to sysop-only and other "non-public" echos (such SKQ> as DuckNet's CHO_MEMBER, reserved for CHO members only)? SKQ> Someone told me it did, but I wasn't completely sure. Where exactly is SKQ> the line drawn on matters of this type. Applies anywhere there's a reasonable expectation of privacy. In other words, a "public" area that only five people had access to would be protected, while one that 500 people could read would not be protected. I'm not a lawyer, but I fake it sometimes. YMMV. John -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLskxfGj9fvT+ukJdAQE0AwP/UaJFDLbEZ77bNMHC+0cuBOXzyl4CxITR iJyWth3wP2gOrwQCx/AIBQaY2Xuq8nCtFDdtPMlJqkv9Mfbc/vENY9ojyilHEVzO /eAAckSH0dBUCXzEyBFItA72zDu10Qs2XkMUPQd28KIdOL4VAXfmsR0omr7nKwiM /XE7lbfaKHU= =K6Oy -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... "When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl." 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: Jim Cannell 15 Nov 94 14:23:44 Subject: PKZIP security UpdReq -----BEGIN PGP SIGNED MESSAGE----- --====-- JC> Does anyone know about a method for cracking PKZIP passwords? Is JC> there a program (or a least an algorithm) available for this? If so, JC> where can I get a copy. Thanks. PKZCRACK.ZIP 47613 12-Oct-94 Password guesser to recover PKZipped files where the password has been lost. Configurable for character set to be used and length of password. Should be FREQable. I haven't used it. -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLskyQ2j9fvT+ukJdAQHLGgQAjmpCr0yaABv7POAOy0p0Ko+G89v2IydA F4ClK2vvmGe1IDJZv/+f8zxQjXGW4zrGsViGk420Mf29de0fDQC6cViMe5Kzgxsm IuwvT/EMuqGqrACxcAV7ImXkY5Pn9HmTWtUtU/6TUeqnDQrec1+UJfIYuPFs6ByK DDI9iVrpc1A= =OFfq -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... Dew knot trussed spell checquers to fined awl mist steaks. 201434369420143436942014343694201434369420143436942014343694718 From: John Schofield Area: Public Key Encryption To: Reed Darsey 18 Nov 94 14:53:58 Subject: Keep Out *FREE* magazine offer UpdReq -----BEGIN PGP SIGNED MESSAGE----- --== [ . . . ] we are offering a *FREE* sample issue to anyone who > requests one. Just send your name and mailing address to us, > and you'll soon receive an issue, with no strings attached. RD> Did this take place? RD> I received an e-mail confirmation that my address had been added to RD> that list, but so far haven't gotten anything. I'm 99% ready to RD> subscribe, but would like to see a sample issue first. RD> (I never got the e-mail version either, but that might be due to my RD> Internet connection's intermittency.) Keep Out is a labor of love, not a money-making business. I can not afford to devote full time to it yet. The second issue of Keep Out has been inexcusably delayed for far too long. It should be going to the printer early next week. (Knock on wood.) Everyone who requested a free copy will receive one. I will post an announcement in this and other message areas when I mail Keep Out. Incidentally, did anyone notice the review of Keep Out on page 183 of the December issue of Wired Magazine? They gave it a very nice review, which I appreciated very much. John Schofield Publisher, Keep Out -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLs0toWj9fvT+ukJdAQEXJAQAggUdXcLCySbvT+0PCwKvbqUmqhZhuzXc tuhq9YLYJmOYkI9Eboud/GSn6ya/GlJDM4NylHgLYV3q4xFxr3WzzaQX+8jAUSyf J5uHUW7GyGUCbkfuDiHK5a8ea1TKyxNbTATD9/cYTJ6nY1/S/phdZRvVyirHn0o0 7gzXGWM6oPg= =w+DO -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... "When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl." 201434369420143436942014343694201434369420143436942014343694718 From: Jason Carr Area: Public Key Encryption To: Glen Todd 19 Nov 94 14:24:12 Subject: Re: PGP and GoldEd UpdReq -----BEGIN PGP SIGNED MESSAGE----- jc> Pass the key ID instead: 0x________, where the underscores are jc> replaced by the Key Id characters. This method is also more likely to jc> be unique. jc> Or do you really need to use the User ID for some reason? GT> Nope, but I'm _very_ new at this and still feeling my way around. OIC. Well, you don't have to pass both parts of the User ID, ya know. My key id is "jason carr" but you could get by with "ason" or "jas" or "Car" or something like that AS LONG AS there's not another User Id on your ring with that string. Then you will get whichever one is first. :( If you're worried, use the KEY ID (obtained with the PGP -kv command). Here's the pertinent part of my -kv readout on the pubring on my laptop: ====== Key ring: 'c:\pgp\pubring.pgp' Type bits/keyID Date User ID pub 1024/F89A24F9 1994/05/18 Christopher Baker <1:374/14@fidonet.org> ^^^^^^^^ cbak.rights@opus.global.org pub 1024/4DF65099 1994/07/10 jason carr <1:124/3208@fidonet> ^^^^^^^^ 13 matching keys found. ======= Using the Key ID is the surest way to get the plaintext PGPed to the right person, although it can be a pain to remember. If you wanted to send me something, you could use -0x4df65099 (or any bit of the string of the key ID, with the same caveat as with portions of the User ID) as the target. I'm not sure I'm helping any... :-o jc -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP_ECHO: CypherEcho to the gods... iQCVAwUBLs5CZ0jhGzlN9lCZAQGSNwQAk04sTYU/CMcyYSQm4mAq+lpay4v8RSdk IZ9tnSvVa2ZkKGk4wszB2LqJ1d9+rBmb5ZjLful3PLm3seb29CFNlmZpqu9WseOS Mw6GXAxZy1FGkMOcLSBLDlvlK+NIHEHH/azT09xm2QgVOMOACgvN/0Xsj+SMGTba Dit9hs0lBNk= =OttY -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718