From: Turiyan Gold Area: Public Key Encryption To: David Chessler 27 Apr 95 02:09:00 Subject: Re: encrypted messages UpdReq David Chessler said this to Richard Dale at 04-18-95 19:29 about Re: encrypted DC> On 04-12-95 (22:00), Richard Dale, in a message to Victor Hugo about DC> When talking to foreigners it's not smart to use abbreviations for DC> obscure government agencies, like the Bureau of Alcohol, Tobacco, and DC> Firearms. BATF, by the way, has nothing to do with export of DC> munitions, or most other issues that might be on topic in this DC> conference. The only reason most people in the US has heard of it is DC> its unfortunate tendency to be trigger-happy, and to falsify evidence DC> for search warrants (as in the unfortunate events in Waco, Texas). Heheh, I like the comment. Maybe he meant the NSA. > best to assume that the government does not like encryption. Yes. Its a double edged sword. DC> -- DC> ___ __ david.chessler@neteast.com DC> d_)--/d chessler@capaccess.org chessler@trinitydc.edu -----BEGIN PGP MESSAGE----- Version: 2.3 owHrZJjKxMqoP9/TsPZS9UX1i3MzGRkXLGRh2Fy1f8rhHBUWlrCzU+fmJSVr37S5 H+Lf9DE24u0q3+2HAmXFPJKPpSVVfYiumW54edVRn3/VVf9tN8R5S79MevtZ0HxO 8tt3vx7eUDJ+veeUiGgZm+zeANXj1YJPa6YUi/bPvuhgZPTF+brHrFvRf67WpVpz m371PHB7/Yx1z6WOnU0UX5abuCazhCOxIL1AL7c4nQEIeLlAUE9PT8HQwkzHwMBA P7egWE9BwbNEvVghL79EIau0uEQhUSE9Pz9FITMlNREmV5KRqpCTWM7LFR8fr+CU U5qqEJ5YlqofGO6tUGakZ2jEywUA =Ikkj -----END PGP MESSAGE----- I am using AutoPGP 2.2b2 (unregistered)! 201434369420143436942014343694201434369420143436942014343694718 From: Turiyan Gold Area: Public Key Encryption To: Michael Babcock 27 Apr 95 02:14:00 Subject: Re: Exon bill passes as a UpdReq Michael Babcock said this to Glen Todd at 04-15-95 16:37 about Exon bill passe MB> -----BEGIN PGP SIGNED MESSAGE----- GT> Agreed -- loudly. I think that Fido policy should be changed ASAP GT> to permit encryption in netmail and in any echo that permits private GT> messages, and to permit clearsigning in _all_ areas. What areas dont allow clearsigning? ... COMMAND: A suggestion made to a computer ___ Blue Wave/QWK v2.12 I am using AutoPGP 2.2b2 (unregistered)! 201434369420143436942014343694201434369420143436942014343694718 From: Frits Spieker Area: Public Key Encryption To: Ted Rolle 25 Apr 95 02:24:00 Subject: PGP + Editors UpdReq -----BEGIN PGP SIGNED MESSAGE----- Saturday April 22 1995 00:48, Ted Rolle was heard muttering about "PGP + Editors" to All: TR> I've heard that the method of linking PGP and GoldEd that is described TR> in the docs doesn't work in all cases (like mine!). Does anyone have First of all: What version of GoldEd are you using.... I'm using 2.50 at the moment and the 'mariage' with PGP is -near- perfect. Odinn Sorensen (the author of GoldEd) included the code of a small but very useful Dutch program, called GOLDPGP, into this version of GoldEd. If you have an earlier version of GoldEd than 2.50, I'd say take a look at GOLDPGP. I'm sure it's around in the States as well and if not I'm more than willing to upload it to Chris Bakers system. Grtz, // Frits // -----BEGIN PGP SIGNATURE----- Version: 2.6a iQCVAwUBL5yWbA91Utn/c32ZAQFudwP+LCGkcOOyPulD1h/aiG8nA24xVTZTCIo+ hIwapUsdVcJtJobNqKNEKJZe8UUdTOUclXPq7rGx8hVPyG+5kAIpsgDcNnObKv0X yzpIea7/VVY3MsX4Tt57dkr4/QQSpRWkWSN6mIjzcbecu5Mc+yio95g8SZTYlC9W JJ7ysHVakoc= =neUw -----END PGP SIGNATURE----- ... Garlic is good for you! 201434369420143436942014343694201434369420143436942014343694718 From: Turiyan Gold Area: Public Key Encryption To: Andy Hayes 27 Apr 95 02:19:00 Subject: Re: PGP stuff UpdReq Andy Hayes said this to All at 04-24-95 04:12 about PGP stuff AH> Is there an add-on utilty for OLX (or OLX-td) that will allow me AH> to use PGP with it? Yes, its called autopgp. I just recieved it. I am using it in this message. All you have to do to sign a message is type a command in [], and it configures for many bbs software. -----BEGIN PGP MESSAGE----- Version: 2.3 owEB9QAK/4kAlQIFAS+fSTh90nvRJ9GdaQEBoboD/0gZIilOiJgo/ZCmDCYJMX6M QiXDah+mapP1aknGCXt9cW2wZNaaa9g4tTM9YLwB6MHqRHi0sqn68fg1HFWUsUXn AyMNjukk1W464zmeh+uvXYM+LwM1hzvjUc6EL9K06asYYEf9lJLCQgz78wgmKaD+ noMmoPGzr1VGr6o2TizLrFt0CGFwZ3AubXNnAAAAAA0KDQoNCi4uLiBDb21pbmcg U29vbiEhICBNb3VzZSBTdXBwb3J0IGZvciBFZGxpbiEhDQpfX18gQmx1ZSBXYXZl L1FXSyB2Mi4xMg0K =4Dma -----END PGP MESSAGE----- I am using AutoPGP 2.2b2 (unregistered)! 201434369420143436942014343694201434369420143436942014343694718 From: Randy Edwards Area: Public Key Encryption To: All 28 Apr 95 13:28:18 Subject: Re: Russia Bans 'Unapproved' EncryptionUpdReq * Original Message Posted via ANEWS * Date: 27 Apr 95 16:45:26 * From: Randy Edwards @ 1:325/805 * To: All * Forwarded by: Christopher Baker @ 1:374/14 * Message text was not edited! @MSGID: 1:325/805 01618687 From: Igor V. Semenyuk Subject: Decree on encryption in Russia Gentle readers! I want to bring your attention to the recent Yeltsin's decree entitled "On the measures of law enforcement in design, production, implementation and use of encrypting tools, and also in offering services of information encyption". The decree has been issued on April, 3, 1995 and is in force from the publication date (April, 6, 1995, "Rossijskaja gazeta", N68). I have no English translation available, volunteers are welcome to do the translation (I can provide Russian KOI8 text). It is the worst re-incarnation of "Clipper"'s case, with the following pecularities: - unlike Clipper the decree explicitly prohibits use of *any* encryption technology that doesn't have a certificate from FAPSI (Federal Agency of State Communications and Information - former KGB department). - unlike Clipper there's no information about encryption technology designed and implemented by FAPSI, which is supposed to be the only allowed encryption technology - unlike Clipper there are no provisions for securing the procedure of (possible) "backdoor" decryption of data by law-enforcement bodies (under court warrant or whatever) - the decree prohibits import of non-certified encryption tools The ground for all these points is "fighting organized crime". The net result of the decree is that right now *any* encryption tool/method but the one offered by FAPSI is illegal and individuals and oragnizations using it may be prosecuted. With liberate interpretation of the decree unix password encryption may be found illegal, not mentioning zip and arj encryption. This may have a disastrous impact on all information/communicaton. I doubt anything similar to anti-Clipper movement can be done in Russia... It's a difference between Democracy and "democracy". Anyway may be media can bring attention to this problem. PS. I'm crossposting this to FSUMedia and IPRussia lists. Feel free to re-distribute the message. -- Igor V. Semenyuk Internet: iga@sovam.com SOVAM Teleport Phone: +7 095 956 3008 Moscow, Russia -- MPost/2 v1.1 @ Origin: Socialism OnLine! * Home of ANEWS * Venceremos! * (1:325/805) *PATH: 325/805 3615/50 374/1 98 14 201434369420143436942014343694201434369420143436942014343694718 From: Turiyan Gold Area: Public Key Encryption To: Tom Almy 27 Apr 95 02:24:00 Subject: Re: Send/rec PGP Msg's UpdReq Tom Almy said this to Jason Carr at 04-26-95 06:41 about Send/rec PGP Msg's TA> -----BEGIN PGP SIGNED MESSAGE----- TA> I'd say those that are doing it wrong are treating it like a game. And TA> I've seen plenty of that. It takes a lot of work to follow all the TA> suggestions in the PGP manual. I bet that an overwhelming majority of TA> users: TA> 1. have the private keyring publicly accessible TA> 2. have a poor passphrase TA> 3. trust public keys on PGP_KEYS and on Internet keyservers TA> 4. sign keys where they aren't absolutely sure about the owner (meet TA> them personally and check IDs). How is 4. possible internationally? -----BEGIN PGP MESSAGE----- Version: 2.3 owHrZJjKxMqoP9/TrvZS9UX1i3MzGRkPK7Ew9NUY7HiYcSdzW1yagq2M+iaha5ZK +97Ucq6c5/OJwS0/zGLLght22btXTLoQLPMo80BITku5hGC3ZNCcP7Pu8Ds9aru7 Oeoq9+TYVJG5mV8i3F9efrEs4Pacsr3uQh1nZ1z+G8+9ViRO+NKrRY6nxMycf3nV Wk4+3qx682F1nJvY7qjVnlLRa1JLOBIL0gv0covTGYCAl4uXS09PT0EjMr9UITkx TyEjsSxVoTK/tAjIy07VVIjwD0JIpiaWIMnxcsXHxys45ZSmKoQDdekHhnsrlBnp GRrxcgEA =5T+J -----END PGP MESSAGE----- I am using AutoPGP 2.2b2 (unregistered)! 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Michael Babcock 29 Apr 95 07:59:46 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- JC> I run PGP_ECHO here between Dallas and Fort Worth, and many JC> OtherNets (FTNs) have echos set up for that purpose. Fido just isn't JC> that friendly to PGP. MB> If this echo is at all well-used, contact my sysop here, MB> Stewart Charleton, with the details, he might be interested MB> (he's NC for 224 too). Well, it's used well, if not that frequently. :) It might be a waste of LD money to poll it up to the Great White North, as it's more or less just a way to practice one's PGP/editor setup. But I'd certainly give your sysop a feed if s/he were interested. jason ... Be vewy, vewy quiet....I'm hunting tagwines. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Cryptography and echomail aren't mutually exclusive. iQCVAwUBL6JU5UjhGzlN9lCZAQEwDwP+KxHViD05R5rx778vVfTy8Hon1D3D916U OOQ7+pF1h0mGpBNDa0+Bwfy1ci6Y8VaMfIiHa+41Djb8bP3B61DOgGpRtNmXl5N2 LiHTfPjJWf4jmwx9Fjhbwtcbv/4tc4npF1fiMmxY91/M5G1NDMLHkxqRxsHa0Rgg fJHk/mlL+BU= =+y+y -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Jeffrey Bloss 29 Apr 95 08:03:24 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- Jeffrey Bloss wrote in a message to Jason Carr: JC>> What if you need to have secure commo within a group? Encryted echomail JC>> is a beautiful answer... JB> I agree with TA... encryption has a place, but I don't feel JB> it's inside a public, widely distributed echo. It somehow Ahhh, public and widely distributed. That's different. Let's consider a few ideas (since I had a good night's sleep and am feeling chipper :): I will take "public, widely distributed," to mean "fidonet Z1 backboned" unless that's very inaccurate. I concede that person-to-single-person encryption in an echo may be inappropriate and even annoying. After all, it's costing sysops $$$. (So do moronic, incomprehensible posts, however, but we do not ban them just because we cannot understand them. :) However, "widely-distributed" by itself does not throw a wrench into this system. Let's say I work for IBM, and the supervisors (45 of us) need to share sensitive ideas in 14 cities. An encrypted echomail base would be a nice solution. You could either include each key ID on the command line, or you could all be running a copy of a secret key generated for that project. (Hmmm.... I ran that idea out here a month or so ago and got no responses) JB> defeats the "open forum" idea, and only ups the number of But it /would/ be open to all the targeted recipients. If they were the only people in the echo then it would certainly be an open forum. Even if they weren't the only people there, they may be the only one's reading a given thread, anyway. How many people read every thread in a conference? JB> bytes SysOps have to move. Broadcasting encrypted messages JB> to all sites is a waste of time, bytes and most often $$$. JB> If you're gonna encrypt, route the message directly to the JB> receiver(s). Sometimes echoing /is/ moving it directly to the recievers. Depends on what the echo is, and to whom it's distributed. JB> I agree with you. :) I think "games" are a super way of JB> learning real life skills. Screwing up in a friendly JB> environment lowers the chances of making the same mistakes JB> "when the chips are down". That was the idea. I mean, I've seen plaintext copies of decrypted text floated accidentally back into the echo from a misconfigured .BATch file.... JC>> 90% of people are idiots, regardless of their use or non-use of PGP. JB> I think it's more like "90% of people are uneducated in JB> their use or non-use of PGP". :) If 90% are idiots, there's JB> a real good chance either you or I fall into that category. JB> I do fall in there, frequently. Actually, my claim sounded a lot more cynical than it was supposed to. It was an allusion to the quote: 90% of [I can't remember] is crap, but then again 90% of everything is crap. JB> My car has fresh oil as of 3 days ago, but I only have one JB> kitchen knife (my favorite) I keep as sharp as I should. I JB> guess that makes *me* the idiot. OTOH, I can JB> shave with my pocket knife... I may have to reconsider. ;) My point is that the unthinking herd animals out there pick up a tool and expect it to work wonders. To get it to really /work/, one has to understand how it /wants/ to work, and help it achieve that desire (so to speak). [ie knowing where the car wants to be shifted, how the knife is balanced, etc] jason ... Any sufficiently advanced magic looks like technology. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Cryptography and echomail aren't mutually exclusive. iQCVAwUBL6JiHkjhGzlN9lCZAQHWqgP/Yllm3Dat7oah/uivATSeSKDl+XuP8l4n QfsVCX2IIxuax6ezyPpCR9tmO16rWMElMzc/TgvtWU0giR8kEeU+fGJy998oc6wK TbOTT+aAmeVHwDjsgYGVep7qgNKbtgmslVND92rcGtxaX5gwfRKjemV0wgksrRwf OheI4JgbAW0= =X6+n -----END PGP SIGNATURE----- ... Key fingerprint = 60 97 B2 AE 7D 90 11 2F 05 1C 35 98 E9 B9 83 61 201434369420143436942014343694201434369420143436942014343694718