[gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

I am truly surprised that Gentoo, and more GNU/Linux and *BSD sites did not
join in the 'blackout'.  The only one I saw that did was opensuse.org .

These laws, as I understand them, and I am no lawyer, could be used against
open source kernels, operating system tools, and other open source applications
by companies that would benefit by eliminating competition or potential
competition.

The definition of infringement is so broad, and the blocking is required with
just a single complaint - it could really be used to wreak havoc on the
Internet, in general, and by the big players to eliminate the smaller
competition.  Lame alone could shut down just about every distribution and
their mirrors since the mp3 encoder algorithms are patented and cross-patented
in so many ways that just the distribution of the source code could result in a
complaint and many blocks.

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/18/2012 6:55:49 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Chris Walters wrote:
> I am truly surprised that Gentoo, and more GNU/Linux and *BSD sites did not
> join in the 'blackout'.  The only one I saw that did was opensuse.org .
>
> These laws, as I understand them, and I am no lawyer, could be used against
> open source kernels, operating system tools, and other open source applications
> by companies that would benefit by eliminating competition or potential
> competition.
>
> The definition of infringement is so broad, and the blocking is required with
> just a single complaint - it could really be used to wreak havoc on the
> Internet, in general, and by the big players to eliminate the smaller
> competition.  Lame alone could shut down just about every distribution and
> their mirrors since the mp3 encoder algorithms are patented and cross-patented
> in so many ways that just the distribution of the source code could result in a
> complaint and many blocks.
>
> Chris
>

I bypassed the wiki black out.  I used adblock to disable the part that 
blacks everything out.  I was doing some research on my health issues 
and I wanted more than a black screen.  I like the way Google did it.  
It was certainly noticeable but you could still use the site.  If Google 
had went down, people would have found the competition and that may not 
be good in the long run, law or no law.  Who really competes with Google 
anyway?  I wonder if a Google search would work on that?  LOL

I don't like the law and honestly I don't like 99% of the laws they even 
think about much less pass.  Trust me, I let my Rep know several times 
that I oppose both of them and even got a phone call today from one of  
them.  I also pointed out that no law we pass here affects the people 
overseas.  Last I heard, when you got a few miles off shore, our laws 
pretty much end.  The people in other countries are going to hack and 
steal and host whatever they want as long as it benefits them.  They 
could care less what our laws are.  They may be laughing at us too.  I 
know I could care less what laws they pass somewhere else.

Little piece of info about me.  If you want to get me really going, put 
a politician on TV and let his lips move.  I can give a sailor a run for 
his money.  O_O

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 1092 bytes --]

On Wed, Jan 18, 2012 at 07:21:12PM -0600, Dale wrote:

> > I am truly surprised that Gentoo, and more GNU/Linux and *BSD sites did not
> > join in the 'blackout'.  The only one I saw that did was opensuse.org .
> > […]

> I bypassed the wiki black out.  I used adblock to disable the part that 
> blacks everything out.

Actually, that could have been one of their points -- it is very easy to
circumvent*.

Thanks to the blessings of NoScript, I surf with JS mostly disabled, so I
wouldn’t have seen it either.  However, it is specifically stated on the Wiki
page that tells about the blackout) -- they kept a loophole open for
“emergencies” (whatever those are).


* As far as I heard about those laws (which isn’t as much as I [cs]hould have),
  they intent to do more than the simple DNS censoring from which our European
  politicians are getting their wet dreams.
-- 
Gruß | Greetings | Qapla'
I forbid any use of my email addresses with Facebook services.

Bank -- an institution where you can borrow money
for the proof that you don’t need it.

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Frank Steinmetzger wrote:
> On Wed, Jan 18, 2012 at 07:21:12PM -0600, Dale wrote:
>
>>> I am truly surprised that Gentoo, and more GNU/Linux and *BSD sites did not
>>> join in the 'blackout'.  The only one I saw that did was opensuse.org .
>>> […]
>> I bypassed the wiki black out.  I used adblock to disable the part that
>> blacks everything out.
> Actually, that could have been one of their points -- it is very easy to
> circumvent*.
>
> Thanks to the blessings of NoScript, I surf with JS mostly disabled, so I
> wouldn’t have seen it either.  However, it is specifically stated on the Wiki
> page that tells about the blackout) -- they kept a loophole open for
> “emergencies” (whatever those are).
>
>
> * As far as I heard about those laws (which isn’t as much as I [cs]hould have),
>    they intent to do more than the simple DNS censoring from which our European
>    politicians are getting their wet dreams.


I'm like this.  The internet, although it can have its bad points, has 
done really well without Governments, at least ours, getting their 
fingers in the pie.  One thing I have learned is that when you want to 
really screw up a good thing, get the Government involved.  I read a 
neat way of explaining this a good while back.  Governments create a 
problem, claim they are fixing it when there is none, then spend 
billions trying to fix the fix that wasn't needed to begin with.  I wish 
I had wrote down each time I saw this happen.  Thing is, I don't think I 
can afford that much paper and I'm not sure I have enough drive space 
either.

Here's to hoping Governments learn they can't regulate thought or 
stupidity.

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

On 1/18/2012 08:21 PM, Dale wrote:
> I don't like the law and honestly I don't like 99% of the laws they even think
> about much less pass.  Trust me, I let my Rep know several times that I oppose
> both of them and even got a phone call today from one of  them.  I also pointed
> out that no law we pass here affects the people overseas.  Last I heard, when
> you got a few miles off shore, our laws pretty much end.  The people in other
> countries are going to hack and steal and host whatever they want as long as it
> benefits them.  They could care less what our laws are.  They may be laughing
> at us too.  I know I could care less what laws they pass somewhere else.

Check this out (and note this is without SOPA or PIPA).

http://www.youtube.com/watch?v=NzS5rSvZXe8&feature=share

The US is notorious for extending our(not) laws to other countries.

> Little piece of info about me.  If you want to get me really going, put a
> politician on TV and let his lips move.  I can give a sailor a run for his
> money.  O_O

That's why I don't watch news channels - too much chance of exposure to
politicians (worse than gamma radiation to me)...

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/18/2012 10:04:30 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Francisco Blas Izquierdo Riera (klondike)]

[-- Attachment #1: Type: text/plain, Size: 1190 bytes --]

El 19/01/12 00:55, Chris Walters escribió:
> I am truly surprised that Gentoo, and more GNU/Linux and *BSD sites did not
> join in the 'blackout'.  The only one I saw that did was opensuse.org .
Some of us did support the movement on our ways, for example the Gentoo
Hardened team didn't twit  the main points of today's meeting unlike we
usually do as a way of protest, but of course nobody in the team
complained about that.

The problem is, in order to get something bigger, you'll probably need
to get approval by either the Council or the Board of Trustees, maybe
even from both but, the meetings of these guys have their own dates
(last council meeting was on the 10th and last trustees ones on the
15th) and nobody on the community (this includes you) raised the issue
of blacking out the page.

Of course, anybody from infra could just have gone ahead and done it but
if anybody complained he would have had to respond to the Council for
that so nobody wanted to take the risk.

So what now? Well if you want to see Gentoo opossing SOPA and PIPA
openly you should raise those points to the council and the trustees so
they discuss them on the next meeting.


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 262 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Chris Walters wrote:
> On 1/18/2012 08:21 PM, Dale wrote:
>> I don't like the law and honestly I don't like 99% of the laws they even think
>> about much less pass.  Trust me, I let my Rep know several times that I oppose
>> both of them and even got a phone call today from one of  them.  I also pointed
>> out that no law we pass here affects the people overseas.  Last I heard, when
>> you got a few miles off shore, our laws pretty much end.  The people in other
>> countries are going to hack and steal and host whatever they want as long as it
>> benefits them.  They could care less what our laws are.  They may be laughing
>> at us too.  I know I could care less what laws they pass somewhere else.
> Check this out (and note this is without SOPA or PIPA).
>
> http://www.youtube.com/watch?v=NzS5rSvZXe8&feature=share
>
> The US is notorious for extending our(not) laws to other countries.
>
>> Little piece of info about me.  If you want to get me really going, put a
>> politician on TV and let his lips move.  I can give a sailor a run for his
>> money.  O_O
> That's why I don't watch news channels - too much chance of exposure to
> politicians (worse than gamma radiation to me)...
>
> Chris
>
I shared this on facebook too.  This thing is getting a LOT of 
attention.  Next they will try to outlaw Linux.  O_O

I watch the news but I try to get it straight from the horses backside.  
We are talking about politicians you know.  lol

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Alan McKinnon]

On Wed, 18 Jan 2012 20:08:42 -0600
Dale <rdalek1967@gmail.com> wrote:

> Frank Steinmetzger wrote:
> > On Wed, Jan 18, 2012 at 07:21:12PM -0600, Dale wrote:
> >
> >>> I am truly surprised that Gentoo, and more GNU/Linux and *BSD
> >>> sites did not join in the 'blackout'.  The only one I saw that
> >>> did was opensuse.org . […]
> >> I bypassed the wiki black out.  I used adblock to disable the part
> >> that blacks everything out.
> > Actually, that could have been one of their points -- it is very
> > easy to circumvent*.
> >
> > Thanks to the blessings of NoScript, I surf with JS mostly
> > disabled, so I wouldn’t have seen it either.  However, it is
> > specifically stated on the Wiki page that tells about the blackout)
> > -- they kept a loophole open for “emergencies” (whatever those are).
> >
> >
> > * As far as I heard about those laws (which isn’t as much as I
> > [cs]hould have), they intent to do more than the simple DNS
> > censoring from which our European politicians are getting their wet
> > dreams.
> 
> 
> I'm like this.  The internet, although it can have its bad points,
> has done really well without Governments, at least ours, getting
> their fingers in the pie.  One thing I have learned is that when you
> want to really screw up a good thing, get the Government involved.  I
> read a neat way of explaining this a good while back.  Governments
> create a problem, claim they are fixing it when there is none, then
> spend billions trying to fix the fix that wasn't needed to begin
> with.  I wish I had wrote down each time I saw this happen.  Thing
> is, I don't think I can afford that much paper and I'm not sure I
> have enough drive space either.
> 
> Here's to hoping Governments learn they can't regulate thought or 
> stupidity.

Humanity starts things and continues things. This is good.

Governments stop things. This is only sometimes good.



-- 
Alan McKinnnon
alan.mckinnon@gmail.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[v_2e]

  Hello!

On Wed, 18 Jan 2012 19:21:12 -0600
Dale <rdalek1967@gmail.com> wrote:
> ...
> I also pointed out that no law we pass here affects the
> people overseas.  Last I heard, when you got a few miles off shore,
> our laws pretty much end.  The people in other countries are going to
> hack and steal and host whatever they want as long as it benefits
> them.  They could care less what our laws are.  They may be laughing
> at us too.  I know I could care less what laws they pass somewhere
> else.
> 
  From what I know for sure, many people in different countries
supported the opposition to these bills  because they understand that
this is not just a US problem. If it happens there, it can easily be
repeated anywhere. And the point of opposing the US government
decisions for people in other countries, to my mind, is to state there
point of view *before* their local government try to do the same. And
that's important.

  Regards,
    Vladimir

----- 
 <v_2e@ukr.net>

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Alan McKinnon wrote:
> On Wed, 18 Jan 2012 20:08:42 -0600
> Dale <rdalek1967@gmail.com> wrote:
> 

>> Here's to hoping Governments learn they can't regulate thought or 
>> stupidity.
> 
> Humanity starts things and continues things. This is good.
> 
> Governments stop things. This is only sometimes good.
> 
> 
> 


Well said.  I know the Government, about any kind, is seldom the
solution to anything, including a problem.

While on this subject, sort of.  Who on here as their email set up to
encrypt and decrypt emails?  I want to test some things OFF LIST.

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

On 1/19/2012 01:44 AM, v_2e@ukr.net wrote:
>   Hello!
>
>   From what I know for sure, many people in different countries
> supported the opposition to these bills  because they understand that
> this is not just a US problem. If it happens there, it can easily be
> repeated anywhere. And the point of opposing the US government
> decisions for people in other countries, to my mind, is to state there
> point of view *before* their local government try to do the same. And
> that's important.
> 
>   Regards,
>     Vladimir
> 
> ----- 
>  <v_2e@ukr.net>

There are also points that:
1. These bills go way beyond filtering to a mandate to for Internet backbone
providers block entire domains on the basis of one complaint of IP infringement
- no evidence need be provided and there is no hearing.  This would have an
effect on the Internet, as a whole, since much Internet traffic goes through
the US infrastructure.

2. These bills criminalize something that no other country I am aware of has
criminalized - IP (Copyright, Patent, and Trademark) infringement.  It would
become a 5 year felony to "violate" this law.

3. The US is well known for its efforts to apply US law to the citizens of
other countries - in fact, they are already doing this the a student from the
United Kingdom.  The US has demanded the extradition of this non-US citizen to
face criminal charges in the US, for something that is NOT unlawful in the U.K.
 It also eliminates the US Copyright tradition of "fair use".

I urge you to watch the Youtube video that I linked to, and to visit those
sites.  The more people who become aware of the truth of these bills, their
sponsors, and the danger to not only US citizens, but also to citizens of any
country that has an extradition treaty with the US, the better.

There is another issue that would threaten the existence of Gentoo, Debian, and
basically any GNU/Linux or *BSD distribution.  Most distros I have seen include
LAME, either as source (in the case of Gentoo) or in binary form.  Well, guess
what.  The mp3 encoder algorithms that LAME uses are heavily patent encumbered.
 This means that one complaint by the patent holders and Gentoo or any other
distro that includes LAME (yes, even only as source code), could result in ALL
Internet providers in the US being required to actively block the entire domain
for the distro, and ALL of its mirrors (which include many Universities and
some of them would take preemptive action and stop mirroring all distros lest
they be effectively shut down, especially if they are US-based).  There are
other patent encumbered packages in most distros, and any of them could result
in a total block of them and their mirrors if a complaint is issued.

This is why I was so shocked that the GNU/Linux and *BSD communities have not
been more active in opposing these bills.  The definition of infringement is so
broad that it could and would be easily abused by the profiteers of the US that
support them (actually, most of the supporters are multinational corporations).
 This threatens the whole of what the Internet has stood for since its very
beginnings.

Off my soap box, so to speak,
Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/19/2012 5:29:28 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

On 1/19/2012 01:27 AM, Alan McKinnon wrote:
> Humanity starts things and continues things. This is good.
> 
> Governments stop things. This is only sometimes good.

Agreed.

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/19/2012 5:30:31 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Yohan Pereira]

[-- Attachment #1: Type: text/plain, Size: 271 bytes --]

On Thursday 19 Jan 2012 08:27:20 Alan McKinnon wrote:
> Humanity starts things and continues things. This is good.
> 
> Governments stop things. This is only sometimes good

im fairly certain it was humanity that started this whole goverment thing.

-- 

- Yohan Pereira

[-- Attachment #2: Type: text/html, Size: 2211 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Alan McKinnon]

On Thu, 19 Jan 2012 16:11:24 +0530
Yohan Pereira <yohan.pereira@gmail.com> wrote:

> On Thursday 19 Jan 2012 08:27:20 Alan McKinnon wrote:
> > Humanity starts things and continues things. This is good.
> > 
> > Governments stop things. This is only sometimes good
> 
> im fairly certain it was humanity that started this whole goverment
> thing.
> 

Yes that is indeed true :-)

But governments (and that part of humanity that is attracted to
governments and wants to join them) have since evolved into something
entirely different



-- 
Alan McKinnnon
alan.mckinnon@gmail.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

On 1/19/2012 05:41 AM, Yohan Pereira wrote:
> im fairly certain it was humanity that started this whole goverment thing.

True.  Once started, though, governments tend to evolve on their own - I am
pretty certain that most government officials are from another planet.
Besides, isn't it up to humanity to fix government when it becomes too toxic to
live with?

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/19/2012 6:03:30 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Alan McKinnon]

On Thu, 19 Jan 2012 06:03:29 -0500
Chris Walters <cjw2004d@comcast.net> wrote:

> On 1/19/2012 05:41 AM, Yohan Pereira wrote:
> > im fairly certain it was humanity that started this whole goverment
> > thing.
> 
> True.  Once started, though, governments tend to evolve on their own
> - I am pretty certain that most government officials are from another
> planet. Besides, isn't it up to humanity to fix government when it
> becomes too toxic to live with?

If by "fix" you mean "wage war on and shoot", then yes :-)

It seems like that is the only method humanity uses to fix it's
governments that go toxic - witness the last year's events in that part
of the world that has lots of desert




-- 
Alan McKinnnon
alan.mckinnon@gmail.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout. Fixing.

[Chris Walters]

On 1/19/2012 06:58 AM, Alan McKinnon wrote:
> If by "fix" you mean "wage war on and shoot", then yes :-)
> 
> It seems like that is the only method humanity uses to fix it's
> governments that go toxic - witness the last year's events in that part
> of the world that has lots of desert

By "fix" I mean repair, make better or replace with a new version.  Shooting
and waging wars of violence are not the only way of fixing a toxic government.
 Witness Ghandi.  His method of "wag(ing) war" was non-violent and
non-cooperative.  It worked, though.

I admit that those methods don't always work, but neither do the violent ones.

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120118-1, 01/18/2012
Tested on: 1/19/2012 7:07:38 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

On 1/19/2012 05:29 AM, Chris Walters wrote:
> On 1/19/2012 01:44 AM, v_2e@ukr.net wrote:
>>   Hello!
>>
>>   From what I know for sure, many people in different countries
>> supported the opposition to these bills  because they understand that
>> this is not just a US problem. If it happens there, it can easily be
>> repeated anywhere. And the point of opposing the US government
>> decisions for people in other countries, to my mind, is to state there
>> point of view *before* their local government try to do the same. And
>> that's important.
>>
>>   Regards,
>>     Vladimir
>>
>> ----- 
>>  <v_2e@ukr.net>
> 
> There are also points that:
> 1. These bills go way beyond filtering to a mandate to for Internet backbone
> providers block entire domains on the basis of one complaint of IP infringement
> - no evidence need be provided and there is no hearing.  This would have an
> effect on the Internet, as a whole, since much Internet traffic goes through
> the US infrastructure.
> 
> 2. These bills criminalize something that no other country I am aware of has
> criminalized - IP (Copyright, Patent, and Trademark) infringement.  It would
> become a 5 year felony to "violate" this law.
> 
> 3. The US is well known for its efforts to apply US law to the citizens of
> other countries - in fact, they are already doing this the a student from the
> United Kingdom.  The US has demanded the extradition of this non-US citizen to
> face criminal charges in the US, for something that is NOT unlawful in the U.K.
>  It also eliminates the US Copyright tradition of "fair use".
> 
> I urge you to watch the Youtube video that I linked to, and to visit those
> sites.  The more people who become aware of the truth of these bills, their
> sponsors, and the danger to not only US citizens, but also to citizens of any
> country that has an extradition treaty with the US, the better.
> 
> There is another issue that would threaten the existence of Gentoo, Debian, and
> basically any GNU/Linux or *BSD distribution.  Most distros I have seen include
> LAME, either as source (in the case of Gentoo) or in binary form.  Well, guess
> what.  The mp3 encoder algorithms that LAME uses are heavily patent encumbered.
>  This means that one complaint by the patent holders and Gentoo or any other
> distro that includes LAME (yes, even only as source code), could result in ALL
> Internet providers in the US being required to actively block the entire domain
> for the distro, and ALL of its mirrors (which include many Universities and
> some of them would take preemptive action and stop mirroring all distros lest
> they be effectively shut down, especially if they are US-based).  There are
> other patent encumbered packages in most distros, and any of them could result
> in a total block of them and their mirrors if a complaint is issued.
> 
> This is why I was so shocked that the GNU/Linux and *BSD communities have not
> been more active in opposing these bills.  The definition of infringement is so
> broad that it could and would be easily abused by the profiteers of the US that
> support them (actually, most of the supporters are multinational corporations).
>  This threatens the whole of what the Internet has stood for since its very
> beginnings.
> 
> Off my soap box, so to speak,
> Chris

Well, at least my original post caused some conversation and maybe caused some
people to think about this proposed legislation, research it and consider the
effects that it might have upon the Gentoo, and the whole GNU/Linux and *BSD
communities as a whole.

I understand the ambivalence of many on this issue.  Gentoo and all other
distributions are global, and the Internet is global.  I used to share this
sense that no one law could curtail the freedom of this wonderful system we
have.  That is until I actually started researching these bills, and their
sponsors - they, too are global - the are mega-weathy and they want to control
the Internet.

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120119-1, 01/19/2012
Tested on: 1/19/2012 11:48:40 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 472 bytes --]

On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:

> While on this subject, sort of.  Who on here as their email set up to
> encrypt and decrypt emails?  I want to test some things OFF LIST.

Well, if you had signed your mail, then I could write you encrypted. :)
-- 
Gruß | Greetings | Qapla'
I forbid any use of my email addresses with Facebook services.

“Microsoft isn't evil, they just make really crappy operating systems.”
  – Linus Torvalds

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

[-- Attachment #1: Type: text/plain, Size: 453 bytes --]

On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
> 
>> While on this subject, sort of.  Who on here as their email set up to
>> encrypt and decrypt emails?  I want to test some things OFF LIST.
> 
> Well, if you had signed your mail, then I could write you encrypted. :)

This is a test.  Enigmail has been trying to use a revoked and expired key to
sign my messages, lately.

Chris


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Paul Hartman]

On 1/19/2012 11:32 AM, Chris Walters wrote:
> On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
>> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
>>
>>> While on this subject, sort of.  Who on here as their email set up to
>>> encrypt and decrypt emails?  I want to test some things OFF LIST.
>>
>> Well, if you had signed your mail, then I could write you encrypted. :)
> 
> This is a test.  Enigmail has been trying to use a revoked and expired key to
> sign my messages, lately.
> 
> Chris

Looks good to me, at least based on what's presently available in the
keyservers.

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Chris Walters wrote:
> On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
>> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
>>
>>> While on this subject, sort of.  Who on here as their email set up to
>>> encrypt and decrypt emails?  I want to test some things OFF LIST.
>>
>> Well, if you had signed your mail, then I could write you encrypted. :)
> 
> This is a test.  Enigmail has been trying to use a revoked and expired key to
> sign my messages, lately.
> 
> Chris
> 


I have a question now.  I got a message from Paul Hartman and replied to
it, off list, and it was encrypted and I hope my reply was too.  My
question is this.  How do you make a email that only the sender and
receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
and I don't want anyone but that person to see the email.  How do I do
that?  Can that be done.

The message that I am repying to appears to be something, encypted
maybe, but I think anyone on this list that uses the tool can read it.
Am I correct?

I'm trying to get a full understanding of this thing.  Ya'll know how I
am.  lol

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Paul Hartman]

On Thu, Jan 19, 2012 at 4:04 PM, Dale <rdalek1967@gmail.com> wrote:
> Chris Walters wrote:
>> On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
>>> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
>>>
>>>> While on this subject, sort of.  Who on here as their email set up to
>>>> encrypt and decrypt emails?  I want to test some things OFF LIST.
>>>
>>> Well, if you had signed your mail, then I could write you encrypted. :)
>>
>> This is a test.  Enigmail has been trying to use a revoked and expired key to
>> sign my messages, lately.
>>
>> Chris
>>
>
>
> I have a question now.  I got a message from Paul Hartman and replied to
> it, off list, and it was encrypted and I hope my reply was too.  My
> question is this.  How do you make a email that only the sender and
> receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
> and I don't want anyone but that person to see the email.  How do I do
> that?  Can that be done.
>
> The message that I am repying to appears to be something, encypted
> maybe, but I think anyone on this list that uses the tool can read it.
> Am I correct?
>
> I'm trying to get a full understanding of this thing.  Ya'll know how I
> am.  lol

There are basically 2 things PGP/GPG normally does for emails: signing
and encrypting. They are not mutually exclusive.

Signing (like you see on a lot of messages on this list, for example)
is about the person who SENT the message. It lets you verify that the
person who wrote the message is who you think they are, and that the
contents of the message itself have not been altered.

Encrypting is about the person RECEIVING the message. If you encrypt,
it makes it so the message cannot be read by anyone except for the
recipients you specified when encrypting it. (The sender is usually
added to the encrypted recipients automatically, in case he needs to
read his own sent message at a later date). Encryption is obviously in
very bad taste on a public mailing list. :)

So if you send a message that is both signed + encrypted, it will
verify the identity of the sender as well as restrict the ability to
read to only the people the sender wants.

You can also use PGP keys for authentication (with an OpenPGP
smartcard), and for signing files, which works just like signing
email.

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Alan McKinnon]

On Thu, 19 Jan 2012 16:04:11 -0600
Dale <rdalek1967@gmail.com> wrote:

> Chris Walters wrote:
> > On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
> >> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
> >>
> >>> While on this subject, sort of.  Who on here as their email set
> >>> up to encrypt and decrypt emails?  I want to test some things OFF
> >>> LIST.
> >>
> >> Well, if you had signed your mail, then I could write you
> >> encrypted. :)
> > 
> > This is a test.  Enigmail has been trying to use a revoked and
> > expired key to sign my messages, lately.
> > 
> > Chris
> > 
> 
> 
> I have a question now.  I got a message from Paul Hartman and replied
> to it, off list, and it was encrypted and I hope my reply was too.  My
> question is this.  How do you make a email that only the sender and
> receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
> and I don't want anyone but that person to see the email.  How do I do
> that?  Can that be done.
> 
> The message that I am repying to appears to be something, encypted
> maybe, but I think anyone on this list that uses the tool can read it.
> Am I correct?
> 
> I'm trying to get a full understanding of this thing.  Ya'll know how
> I am.  lol

Well we first need to be accurate. It's not a case that only you and
Paul can read the encrypted mail. It's a case that only a
machine holding the necessary private key can decrypt it, and then the
mail can be read in plain text. Not quite the same thing as what you
said, as private keys can be stolen.

If Paul encrypted the mail using your public key, then only the private
key you hold can decrypt it. Similarly, if you encrypt a mail to Paul
using his public key, then only Paul's private key can decrypt it.

There's no known way to decrypt a mail like that without the single
private key needed (this works exactly like https traffic to your
bank). I feel very confident saying "no known way" as cracking that
puzzle has been the Holy Grail of maths prizes for 40 years and no-one
has announced success. Seeing as mathematicians are a vain lot, and the
one that accomplishes this feat with be showered with honour and glory
for all time (making Einstein look like a child), it's a safe
assumption that it hasn't been done yet.

To check if the mail was encrypted, simply tell EnigMail to not decrypt
it. It will show as gobbledegook, then only the recipient can decrypt
it (as long as the private key stays safe).

To make this all work, you need to share public keys with each other.
But you don't need to do it in secret as the public keys are, well,
public. So you stick them on a key server where the other guy can
retrieve them and away you go, profit!!! There's a few other steps you
should do to establish trust in the public key (they can be forged) but
that's beyond the scope of explaining how the keys work.

The answer to your question is then yes.

I suppose next you'll be wanting to know what fields to fill in in your
specific mail app to enable it your end, right?




-- 
Alan McKinnnon
alan.mckinnon@gmail.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

[-- Attachment #1: Type: text/plain, Size: 2385 bytes --]

On 1/19/2012 05:04 PM, Dale wrote:
> Chris Walters wrote:
>>
>> This is a test.  Enigmail has been trying to use a revoked and expired key to
>> sign my messages, lately.
>>
>> Chris
>>
> 
> 
> I have a question now.  I got a message from Paul Hartman and replied to
> it, off list, and it was encrypted and I hope my reply was too.  My
> question is this.  How do you make a email that only the sender and
> receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
> and I don't want anyone but that person to see the email.  How do I do
> that?  Can that be done.

Yes, see below.  It looks like you are using a web interface (Firefox) to send
and reply to messages.  I would suggest emerging Thunderbird
(emerge -av thunderbird).  There is an add on called Enigmail for this mail
client that makes encrypting, signing and decrypting messages, much easier.
You need gnupg, as well.

> The message that I am repying to appears to be something, encypted
> maybe, but I think anyone on this list that uses the tool can read it.
> Am I correct?

If the message is encrypted to them, then yes.  If not, no.  You need a secret
key to decrypt a message that is encrypted, and if anyone seeing it is not on
the list of recipients, they will not have that key.

> I'm trying to get a full understanding of this thing.  Ya'll know how I
> am.  lol

With OpenPGP or PGP/MIME, you would have to share your public key with the
other party - this would allow that party to encrypt messages to you.  You
would also have to have the public key of the other party to encrypt to them.

For example, if you wanted to encrypt to me, you'd have to retrieve my public
key from a keyserver or I'd have to send it to you.  You would have to either
sign a message (and have uploaded your public key to a keyserver), or send me
your public key.

You could then encrypt a message to me, and you could add yourself to the
recipient list so you could read it.  Then, when I received the message, I
would be prompted for my secret key's passphrase - this would allow decryption
of the message.  Providing that I replied to you and chose the "encrypt"
option, the entire message, including any quotes would be encrypted.

Hope this helps,
Chris

--
Multibooting: wearing two socks of different colors and types, with two
different boots... ;)


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Matthew Finkel]

[-- Attachment #1: Type: text/plain, Size: 1664 bytes --]

On Thu, Jan 19, 2012 at 5:04 PM, Dale <rdalek1967@gmail.com> wrote:

> Chris Walters wrote:
> > This is a test.  Enigmail has been trying to use a revoked and expired
> key to
> > sign my messages, lately.
> >
> > Chris
> >
> I have a question now.  I got a message from Paul Hartman and replied to
> it, off list, and it was encrypted and I hope my reply was too.  My
> question is this.  How do you make a email that only the sender and
> receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
> and I don't want anyone but that person to see the email.  How do I do
> that?  Can that be done.


Yes, this occurs when the messages are actually encrypted. Both the sender
and receiver must generate a public and private key. The public key
is...public. Anyone and everyone can use it to encipher a message. However,
the private key should be..well, private. It is the key that
can decipher the message. Assuming the receiver keeps this key secret, all
messages that are encrypted with the public key will only be read by
him/her.


>

The message that I am repying to appears to be something, encypted
> maybe, but I think anyone on this list that uses the tool can read it.
> Am I correct?
>

I'm using gmail right now, so I can't verify, but the message was most
likely signed but not encrypted. By signing the message, Chris verified
that he actually sent it and it wasn't someone impersonating. (This all
hinges on the fact that you previously received his signature and trust
that it was authentic then)



> I'm trying to get a full understanding of this thing.  Ya'll know how I
> am.  lol
>
> Dale
>
> :-)  :-)
>
>
Matt
-- 
Matthew Finkel

[-- Attachment #2: Type: text/html, Size: 2553 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 910 bytes --]

On Fri, 20 Jan 2012 00:42:16 +0200, Alan McKinnon wrote:

> There's no known way to decrypt a mail like that without the single
> private key needed (this works exactly like https traffic to your
> bank). I feel very confident saying "no known way" as cracking that
> puzzle has been the Holy Grail of maths prizes for 40 years and no-one
> has announced success. Seeing as mathematicians are a vain lot, and the
> one that accomplishes this feat with be showered with honour and glory
> for all time (making Einstein look like a child), it's a safe
> assumption that it hasn't been done yet.

Unless he works for GCHQ/NSA or any other government's security services.

Remember, RSA was invented several years before R, S and A did so, by a
mathematician working at GCHQ (the UK's communication monitoring
department).


-- 
Neil Bothwick

Maybe... How much are you bribing me this time?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Paul Hartman wrote:


> There are basically 2 things PGP/GPG normally does for emails: signing
> and encrypting. They are not mutually exclusive.
> 
> Signing (like you see on a lot of messages on this list, for example)
> is about the person who SENT the message. It lets you verify that the
> person who wrote the message is who you think they are, and that the
> contents of the message itself have not been altered.
> 
> Encrypting is about the person RECEIVING the message. If you encrypt,
> it makes it so the message cannot be read by anyone except for the
> recipients you specified when encrypting it. (The sender is usually
> added to the encrypted recipients automatically, in case he needs to
> read his own sent message at a later date). Encryption is obviously in
> very bad taste on a public mailing list. :)
> 
> So if you send a message that is both signed + encrypted, it will
> verify the identity of the sender as well as restrict the ability to
> read to only the people the sender wants.
> 
> You can also use PGP keys for authentication (with an OpenPGP
> smartcard), and for signing files, which works just like signing
> email.
> 
> 


I think I get this now.  When I sign the message, someone else opens it,
then it shows up that I signed it with the digital signature.  Anyone
can read it tho.  It's public as any normal email.  Everyone just knows
it came from my rig is all.

When I encypt a message, only the person that I select the keys for can
open it.  Example.  I hit send and select your name in the little box
that pops up.  Then only you can see the message but others on the list
can't since I only sent you the keys.  Am I close?

I'm using Seamonkey by the way.  When I hit send, I get a pop up window
that lists all the key thingys.  I'm not sure how other clients do this.
 I select which keys in that thing then it sends it.

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Mick]

[-- Attachment #1: Type: Text/Plain, Size: 952 bytes --]

On Thursday 19 Jan 2012 22:44:12 Chris Walters wrote:
> On 1/19/2012 05:04 PM, Dale wrote:

> > I have a question now.  I got a message from Paul Hartman and replied to
> > it, off list, and it was encrypted and I hope my reply was too.  My
> > question is this.  How do you make a email that only the sender and
> > receiver can read?  As a example.  I'm talking to a Doctor or a lawyer
> > and I don't want anyone but that person to see the email.  How do I do
> > that?  Can that be done.
> 
> Yes, see below.  It looks like you are using a web interface (Firefox) to
> send and reply to messages.  I would suggest emerging Thunderbird
> (emerge -av thunderbird).  There is an add on called Enigmail for this mail
> client that makes encrypting, signing and decrypting messages, much easier.
> You need gnupg, as well.

There are plugins for FF that can use S/MIME and I believe GnuPG/PGP to 
encrypt gmail.

-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Alan McKinnon wrote:
> On Thu, 19 Jan 2012 16:04:11 -0600 Dale <rdalek1967@gmail.com>
> wrote:
> 
>> Chris Walters wrote:
>>> On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
>>>> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
>>>> 
>>>>> While on this subject, sort of.  Who on here as their email
>>>>> set up to encrypt and decrypt emails?  I want to test some
>>>>> things OFF LIST.
>>>> 
>>>> Well, if you had signed your mail, then I could write you 
>>>> encrypted. :)
>>> 
>>> This is a test.  Enigmail has been trying to use a revoked and 
>>> expired key to sign my messages, lately.
>>> 
>>> Chris
>>> 
>> 
>> 
>> I have a question now.  I got a message from Paul Hartman and
>> replied to it, off list, and it was encrypted and I hope my reply
>> was too.  My question is this.  How do you make a email that only
>> the sender and receiver can read?  As a example.  I'm talking to
>> a Doctor or a lawyer and I don't want anyone but that person to
>> see the email.  How do I do that?  Can that be done.
>> 
>> The message that I am repying to appears to be something,
>> encypted maybe, but I think anyone on this list that uses the
>> tool can read it. Am I correct?
>> 
>> I'm trying to get a full understanding of this thing.  Ya'll know
>> how I am.  lol
> 
> Well we first need to be accurate. It's not a case that only you
> and Paul can read the encrypted mail. It's a case that only a 
> machine holding the necessary private key can decrypt it, and then
> the mail can be read in plain text. Not quite the same thing as
> what you said, as private keys can be stolen.
> 
> If Paul encrypted the mail using your public key, then only the
> private key you hold can decrypt it. Similarly, if you encrypt a
> mail to Paul using his public key, then only Paul's private key can
> decrypt it.
> 
> There's no known way to decrypt a mail like that without the
> single private key needed (this works exactly like https traffic to
> your bank). I feel very confident saying "no known way" as cracking
> that puzzle has been the Holy Grail of maths prizes for 40 years
> and no-one has announced success. Seeing as mathematicians are a
> vain lot, and the one that accomplishes this feat with be showered
> with honour and glory for all time (making Einstein look like a
> child), it's a safe assumption that it hasn't been done yet.
> 
> To check if the mail was encrypted, simply tell EnigMail to not
> decrypt it. It will show as gobbledegook, then only the recipient
> can decrypt it (as long as the private key stays safe).
> 
> To make this all work, you need to share public keys with each
> other. But you don't need to do it in secret as the public keys
> are, well, public. So you stick them on a key server where the
> other guy can retrieve them and away you go, profit!!! There's a
> few other steps you should do to establish trust in the public key
> (they can be forged) but that's beyond the scope of explaining how
> the keys work.
> 
> The answer to your question is then yes.
> 
> I suppose next you'll be wanting to know what fields to fill in in
> your specific mail app to enable it your end, right?
> 
> 
> 
> 


I don't think so.  I been chatting with Paul off list.  I can open his
encypted emails and he can open mine.  I think we call that success?

I think I got this now.  I got one more message to read tho.  Getting
it explained in more than one way helps me.  I have to have that light
bulb moment.  ;-)

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood
or how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chris Walters wrote:
> On 1/19/2012 05:04 PM, Dale wrote:
>> Chris Walters wrote:
>>> 
>>> This is a test.  Enigmail has been trying to use a revoked and
>>> expired key to sign my messages, lately.
>>> 
>>> Chris
>>> 
>> 
>> 
>> I have a question now.  I got a message from Paul Hartman and
>> replied to it, off list, and it was encrypted and I hope my reply
>> was too.  My question is this.  How do you make a email that only
>> the sender and receiver can read?  As a example.  I'm talking to
>> a Doctor or a lawyer and I don't want anyone but that person to
>> see the email.  How do I do that?  Can that be done.
> 
> Yes, see below.  It looks like you are using a web interface
> (Firefox) to send and reply to messages.  I would suggest emerging
> Thunderbird (emerge -av thunderbird).  There is an add on called
> Enigmail for this mail client that makes encrypting, signing and
> decrypting messages, much easier. You need gnupg, as well.
> 

Close.  Sort of.  I actually use Seamonkey as my emailly program.


>> The message that I am repying to appears to be something,
>> encypted maybe, but I think anyone on this list that uses the
>> tool can read it. Am I correct?
> 
> If the message is encrypted to them, then yes.  If not, no.  You
> need a secret key to decrypt a message that is encrypted, and if
> anyone seeing it is not on the list of recipients, they will not
> have that key.
> 

I'm starting to see this now.  When I sign a message, it is public but
people are assured that it came from me.  Sort of like having a check
with a picture ID that matches.  :/


>> I'm trying to get a full understanding of this thing.  Ya'll know
>> how I am.  lol
> 
> With OpenPGP or PGP/MIME, you would have to share your public key
> with the other party - this would allow that party to encrypt
> messages to you.  You would also have to have the public key of the
> other party to encrypt to them.
> 
> For example, if you wanted to encrypt to me, you'd have to retrieve
> my public key from a keyserver or I'd have to send it to you.  You
> would have to either sign a message (and have uploaded your public
> key to a keyserver), or send me your public key.
> 
> You could then encrypt a message to me, and you could add yourself
> to the recipient list so you could read it.  Then, when I received
> the message, I would be prompted for my secret key's passphrase -
> this would allow decryption of the message.  Providing that I
> replied to you and chose the "encrypt" option, the entire message,
> including any quotes would be encrypted.
> 
> Hope this helps, Chris
> 
> -- Multibooting: wearing two socks of different colors and types,
> with two different boots... ;)
> 


So, this is why when I want to sign a message it asks me for the
password.  I thought it was trying to do something wrong.  Made me
scratch my head.

Mud is clearing up a bit.

Dale

:-)  :-)

- -- 
I am only responsible for what I said ... Not for what you understood
or how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8YpUwACgkQiBoxVpK2GMCz4QCeNBRDf8wmErruB5SVREcra4uu
6dQAnRnR8OuS0Mo5jcBnLNRGug0hkhK/
=XWWa
-----END PGP SIGNATURE-----

Re: [gentoo-user] Public key cryptography... (Used to be: Something about SOPA and PIPA)

[Chris Walters]

[-- Attachment #1: Type: text/plain, Size: 2234 bytes --]

On 1/19/2012 06:00 PM, Neil Bothwick wrote:
> On Fri, 20 Jan 2012 00:42:16 +0200, Alan McKinnon wrote:
> 
>> There's no known way to decrypt a mail like that without the single
>> private key needed (this works exactly like https traffic to your
>> bank). I feel very confident saying "no known way" as cracking that
>> puzzle has been the Holy Grail of maths prizes for 40 years and no-one
>> has announced success. Seeing as mathematicians are a vain lot, and the
>> one that accomplishes this feat with be showered with honour and glory
>> for all time (making Einstein look like a child), it's a safe
>> assumption that it hasn't been done yet.
> 
> Unless he works for GCHQ/NSA or any other government's security services.
> 
> Remember, RSA was invented several years before R, S and A did so, by a
> mathematician working at GCHQ (the UK's communication monitoring
> department).

Possible, but not too likely*.  RSA keys are based on two very large prime
numbers and their composite.  The two primes are hundreds of digits in length,
and are used to generate the cipher (public) key, and the decipher (secret)
key.  After which their composite is found and the two primes are discarded.

This type of public key cryptography is based on the difficulty of factoring
very large composites with only two very large prime factors, and is based in
number theory.  It can be done, but it usually takes years using distributed
computer networks.  It is possible that the NSA has found a magic formula to do
such factoring, but I find it more likely that the US Navy or the CIA would do
so first.  Remember, the NSA exists to monitor communications for "suspicious"
activity and this is what most of their supercomputers are used for (sifting
many emails, web page interactions, telephone conversations, and the like).

While I am sure the NSA has its share of cryptologists, and cryptographers, I
would hazard to say that the Navy has more, and so probably does the CIA/MI5
(or is it MI6 now?).

*DISCLAIMER: With any public key cryptosystem, there is a risk that you will be
using keys that have already been cracked.  If so, anyone who knows the crack
could decrypt your messages.

Chris


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Matthew Finkel]

[-- Attachment #1: Type: text/plain, Size: 680 bytes --]

On Thu, Jan 19, 2012 at 6:20 PM, Dale <rdalek1967@gmail.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Mud is clearing up a bit.
>

Excellent! Lookin good!


>
> Dale
>
> :-)  :-)
>
> - --
> I am only responsible for what I said ... Not for what you understood
> or how you interpreted my words!
>
> Miss the compile output?  Hint:
> EMERGE_DEFAULT_OPTS="--quiet-build=n"
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk8YpUwACgkQiBoxVpK2GMCz4QCeNBRDf8wmErruB5SVREcra4uu
> 6dQAnRnR8OuS0Mo5jcBnLNRGug0hkhK/
> =XWWa
> -----END PGP SIGNATURE-----
>
>
- Matt

[-- Attachment #2: Type: text/html, Size: 1256 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Matthew Finkel wrote:
> 
> 
> On Thu, Jan 19, 2012 at 6:20 PM, Dale <rdalek1967@gmail.com
> <mailto:rdalek1967@gmail.com>> wrote:
> 
> Mud is clearing up a bit.
> 
> 
>> Excellent! Lookin good!
> 
> 

Well, I get this on top of your message:

Error - No valid armored OpenPGP data block found

What's wrong with that?  Yours or mine?

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] Please change this subject line.

[Chris Walters]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 1/19/2012 06:55 PM, Dale wrote:
> Matthew Finkel wrote:
>>
>>
>> On Thu, Jan 19, 2012 at 6:20 PM, Dale <rdalek1967@gmail.com
>> <mailto:rdalek1967@gmail.com>> wrote:
>>
>> Mud is clearing up a bit.
>>
>>
>>> Excellent! Lookin good!

When he quoted your message, he included part of your PGP signature in the
quoted part.  That's what caused that error.

Chris
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJPGK7kAAoJEFHj8CHvnA9Y5EMQAJmc4DQxw4rC4kjZ3e1DiG4I
0Agq00Heb3GtaYebPfe8TsQmEBhfLloq0iO5L4j+szkxRJPR/YrmpgoVoz6wuTHz
zzScHW2VAzhtOL+UOnvDgkz9lfdplRudsg3muLfv1K6Ppq+0az5fbxYNSXI668+6
JzA5smYKBAS/wJh2N/9nrjXLJYRnR8mc5OFjkUVtKdJHUbKi3pT4SKhcPt/zNi91
Y/LD9ljmDxftP5CKtR5KHMUQ9NPUjNNuIiT7HlhsTKfqZPvzUUUGbjmfIhsyO/53
vEceioQBvfioooV+qr1SARV7x0oam0CFrphv+UKnzDzpOo3geuDuh0E0BEao1jvQ
P2O7g7b67+MD1AV3AUoQ8ekytiFXMKX5zKYuCWwqH6BckaXoVGtQ0Zphrwz1mWOt
5Fd1h07mOQwXFSnElypXvClV6ZJ5D8zXvzTHtSlBi+UN3M/IEZjcFfACR/cESgvk
0YH3FPLX0Fv3ZqsnNFWMy0o1V19QspNOT+cKGj0FjLY6BBo3yXU4buNcWC3beSwU
kPA7lS91ku2MbuJZkV+4sTr0YITtAZ62HVoDl7G3LYXsczseMZmbUmKgRtxs1V0N
pFTojemOpV4BYDJ4GMrFvxBJFA/D3gPu7XbdMcYAkf6zc467c71PttYkYZ3PKyPq
xlzFPWLrQUBWxo0k/MlF
=Oi7J
-----END PGP SIGNATURE-----


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120119-1, 01/19/2012
Tested on: 1/19/2012 7:01:42 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Mick]

[-- Attachment #1: Type: Text/Plain, Size: 2256 bytes --]

On Thursday 19 Jan 2012 23:20:44 Dale wrote:
> Chris Walters wrote:

> I'm starting to see this now.  When I sign a message, it is public but
> people are assured that it came from me.  Sort of like having a check
> with a picture ID that matches.  :/

Better than that.

Readers (all that have access to this list) can a)see that you have signed it 
and b)rest assured that no one has tampered with its content since you signed.  
If anyone intercepted the message mid-air and changed its content, your 
signature would show as bad in the recipients mail client (assuming they have 
a GnuPG/PGP compatible client).

BTW, your signature is not showing in Kmail ... are you using inline or 
opengpg/smime format?


> > You could then encrypt a message to me, and you could add yourself
> > to the recipient list so you could read it.  Then, when I received
> > the message, I would be prompted for my secret key's passphrase -
> > this would allow decryption of the message.  Providing that I
> > replied to you and chose the "encrypt" option, the entire message,
> > including any quotes would be encrypted.
> > 
> > Hope this helps, Chris

> So, this is why when I want to sign a message it asks me for the
> password.  I thought it was trying to do something wrong.  Made me
> scratch my head.

To avoid an easy misunderstanding about what the "password" does:

You are asked for a passphrase not because Chris used that passphrase to 
encrypt the message he sent you with (that would have been symmetric 
encryption and both of you would need to know in advance the secret 
passphrase).  Instead, you are asked for a passphrase to decrypt your own 
private gpg key which is stored in encrypted format on your hard drive for 
security purposes.  The private key once decrypted and loaded in memory will 
be used by your openpgp application to decrypt the message sent by Chris.

This is asymmetric encryption:  a sender can use your public key and their 
private key to encrypt a message to you, which only you can decrypt with your 
private key and the sender's public key.  Look at the picture on the right in 
this page:

http://en.wikipedia.org/wiki/Public-key_cryptography

HTH
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Public key cryptography... (Used to be: Something about SOPA and PIPA)

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 1561 bytes --]

On Thu, 19 Jan 2012 18:28:04 -0500, Chris Walters wrote:

> >> I feel very confident saying "no known way" as cracking that
> >> puzzle has been the Holy Grail of maths prizes for 40 years and
> >> no-one has announced success. Seeing as mathematicians are a vain
> >> lot, and the one that accomplishes this feat with be showered with
> >> honour and glory for all time (making Einstein look like a child),
> >> it's a safe assumption that it hasn't been done yet.  
> > 
> > Unless he works for GCHQ/NSA or any other government's security
> > services.

 
> Possible, but not too likely*.  RSA keys are based on two very large
> prime numbers and their composite.  The two primes are hundreds of
> digits in length, and are used to generate the cipher (public) key, and
> the decipher (secret) key.  After which their composite is found and
> the two primes are discarded.

I know it is extremely unlikely that anyone could crack it. My point was
that if someone did crack it, they would not necessarily shout about it.
If they worked for the security services, that would not want others to
know their encryption was insecure. Britain was selling Enigma machines
to their "friends" for decades after it was broken.
 
> While I am sure the NSA has its share of cryptologists, and
> cryptographers, I would hazard to say that the Navy has more, and so
> probably does the CIA/MI5 (or is it MI6 now?).

GCHQ, as mentioned above :)


-- 
Neil Bothwick

I am Zaphod of Borg. Now, where's the coolest place to be assimilated...

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Public key cryptography... (Used to be: Something about SOPA and PIPA)

[Chris Walters]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 1/19/2012 07:27 PM, Neil Bothwick wrote:
> On Thu, 19 Jan 2012 18:28:04 -0500, Chris Walters wrote:
>> Possible, but not too likely*.  RSA keys are based on two very large
>> prime numbers and their composite.  The two primes are hundreds of
>> digits in length, and are used to generate the cipher (public) key, and
>> the decipher (secret) key.  After which their composite is found and
>> the two primes are discarded.
> 
> I know it is extremely unlikely that anyone could crack it. My point was
> that if someone did crack it, they would not necessarily shout about it.
> If they worked for the security services, that would not want others to
> know their encryption was insecure. Britain was selling Enigma machines
> to their "friends" for decades after it was broken.

That is very true.  In fact, they'd likely do just what you brought up about
Britain selling Enigma machines to their "friends" after it was broken.  That
is that would likely promote the cipher(s) they know how to crack and dismiss
the ones they don't as being "not secure".

>> probably does the CIA/MI5 (or is it MI6 now?).
> 
> GCHQ, as mentioned above :)

GCHQ, eh?  What does that stand for, or is that a State secret?  Like the NSA =
"No Such Agency"...

Chris

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJPGLcmAAoJEFHj8CHvnA9YoRYP/R7Ln7rQc59J+By0cXnwgK6i
XeQgXHe3m02XKBqSxZVRihVPMUoUeJbs9ianemWgNq5I5WDD8qjnjFIMJv+3YHan
DHqJxIhnRiirMAsUowCxwFktjhN6kpQgOOZvxrxid+q5GpfEh39VM9+eiqogoHHK
R5aAf0SC6ZSOqmCx5vv/bfWXJPgxXeunyi3xZ7S+ZQZOQhVqu5XyMTHvwzibiMbX
zbbpRUIer8Sx+5C4+Vf317ftOhV7Ix2jIdSmJAUW0AxVuqSC6B3ab+PLTz7IVrui
a1RucF0B8zb5OJnLSSapB9K68U9X2j96RcnxyyrCQzTYEyf0ICIeWBTWeijqP1nd
qt2qWXMKFTK+5p9TOD53QJkATk0ZwOhnVbHmc/zPXHk20YgvwC3ucRkExVJW9sU5
Mre8YE6j7Ds/JegBIkp1TY7lfkNWXhmGVxwzTlIqveHIimtDwTPgxefrP67GHyt6
vjr+lWek+hj0Fix0xW542Oj4434+JNpxyUjqOjEiVQ8oPInsri/qBobLxVu3ZRd6
y6YI/NYD+8HRum/3YfKmkgWi6KuuJ9zqa12tpbwh83nNTsakY8emCEnLIXpfhy+K
CXGgIDxtX3tWuvOPtIt/OgWTIhPjNozlN7v+lSg42SC5cgMkSErsM/LFTYBZ65ti
kzrMYYwxfXUP22eJnbCx
=egVJ
-----END PGP SIGNATURE-----


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120119-1, 01/19/2012
Tested on: 1/19/2012 7:36:59 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Matthew Finkel]

[-- Attachment #1: Type: text/plain, Size: 628 bytes --]

On Thu, Jan 19, 2012 at 6:55 PM, Dale <rdalek1967@gmail.com> wrote:

> Matthew Finkel wrote:
> >
> >
> > On Thu, Jan 19, 2012 at 6:20 PM, Dale <rdalek1967@gmail.com
> > <mailto:rdalek1967@gmail.com>> wrote:
> >
> > Mud is clearing up a bit.
> >
> >
> >> Excellent! Lookin good!
> >
> >
>
> Well, I get this on top of your message:
>
> Error - No valid armored OpenPGP data block found
>
> What's wrong with that?  Yours or mine?
>
> Dale
>
> :-)  :-)


I'm using gmail right now, so my messages aren't signed. As such, I would
have to say neither. =)

I may be wrong and there actually is something amiss, anything is possible.

[-- Attachment #2: Type: text/html, Size: 1218 bytes --]

Re: [gentoo-user] Please change this subject line.

[Dale]

Chris Walters wrote:
> On 1/19/2012 06:55 PM, Dale wrote:
>> Matthew Finkel wrote:
>>> 
>>> 
>>> On Thu, Jan 19, 2012 at 6:20 PM, Dale <rdalek1967@gmail.com 
>>> <mailto:rdalek1967@gmail.com>> wrote:
>>> 
>>> Mud is clearing up a bit.
>>> 
>>> 
>>>> Excellent! Lookin good!
> 
> When he quoted your message, he included part of your PGP signature
> in the quoted part.  That's what caused that error.
> 
> Chris
> 
> 

Ohhh, great, something is to make sure to fix when quoting.  O_O

You live in the USA?  If yes, mind a off list question?

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Mick wrote:
> On Thursday 19 Jan 2012 23:20:44 Dale wrote:
>> Chris Walters wrote:
> 
>> I'm starting to see this now.  When I sign a message, it is public but
>> people are assured that it came from me.  Sort of like having a check
>> with a picture ID that matches.  :/
> 
> Better than that.
> 
> Readers (all that have access to this list) can a)see that you have signed it 
> and b)rest assured that no one has tampered with its content since you signed.  
> If anyone intercepted the message mid-air and changed its content, your 
> signature would show as bad in the recipients mail client (assuming they have 
> a GnuPG/PGP compatible client).
> 
> BTW, your signature is not showing in Kmail ... are you using inline or 
> opengpg/smime format?
> 
> 

I don't have mine set up to sign them all.  I did a couple to see if it
worked or not.  Whenever I sign a message, it asks for the password.  It
is quite a long password and I don't want to type it in every time I
send something.


>>> You could then encrypt a message to me, and you could add yourself
>>> to the recipient list so you could read it.  Then, when I received
>>> the message, I would be prompted for my secret key's passphrase -
>>> this would allow decryption of the message.  Providing that I
>>> replied to you and chose the "encrypt" option, the entire message,
>>> including any quotes would be encrypted.
>>>
>>> Hope this helps, Chris
> 
>> So, this is why when I want to sign a message it asks me for the
>> password.  I thought it was trying to do something wrong.  Made me
>> scratch my head.
> 
> To avoid an easy misunderstanding about what the "password" does:
> 
> You are asked for a passphrase not because Chris used that passphrase to 
> encrypt the message he sent you with (that would have been symmetric 
> encryption and both of you would need to know in advance the secret 
> passphrase).  Instead, you are asked for a passphrase to decrypt your own 
> private gpg key which is stored in encrypted format on your hard drive for 
> security purposes.  The private key once decrypted and loaded in memory will 
> be used by your openpgp application to decrypt the message sent by Chris.
> 
> This is asymmetric encryption:  a sender can use your public key and their 
> private key to encrypt a message to you, which only you can decrypt with your 
> private key and the sender's public key.  Look at the picture on the right in 
> this page:
> 
> http://en.wikipedia.org/wiki/Public-key_cryptography
> 
> HTH


The password I was talking about is the one when I send a message.  It
does ask for the password when Paul was sending a message.  Those were
off list tho.  Anyway, when I put the password in, I can read the email.
 Otherwise, I can't read anything.

How sure are we that there is no back door the Government has to bypass
this?  Are we 99% sure or about 50/50 with our fingers crossed?

Dale

:-)  :-)
-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] Public key cryptography... (Used to be: Something about SOPA and PIPA)

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 489 bytes --]

On Thu, 19 Jan 2012 19:36:56 -0500, Chris Walters wrote:

> > GCHQ, as mentioned above :)  
> 
> GCHQ, eh?  What does that stand for, or is that a State secret?  Like
> the NSA = "No Such Agency"...

Going back to the start of this thread, Wikipedia's back on so you can
look it up :P

It's Government Communications Headquarters. It grew out of Bletchley
Park, where the Enigmas were cracked in WWII.


-- 
Neil Bothwick

Top Oxymorons Number 5: Twelve-ounce pound cake

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Paul Hartman]

[-- Attachment #1: Type: text/plain, Size: 524 bytes --]

On Thursday, January 19, 2012, Dale <rdalek1967@gmail.com> wrote:
> I don't have mine set up to sign them all.  I did a couple to see if it
> worked or not.  Whenever I sign a message, it asks for the password.  It
> is quite a long password and I don't want to type it in every time I
> send something.

If you use gpg-agent (and configure Enigmail to use it), it will remember
that you already entered your passphrase for some amount of time, so you
don't need to keep reentering it over and over during the same session.

[-- Attachment #2: Type: text/html, Size: 618 bytes --]

Re: [gentoo-user] Please change this subject line.

[Chris Walters]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 1/19/2012 08:26 PM, Dale wrote:
> Ohhh, great, something is to make sure to fix when quoting.  O_O
> 
> You live in the USA?  If yes, mind a off list question?
> 
> Dale
> 
> :-)  :-)

Yes I do live in the USA, and no I don't mind an off-list question.

Chris
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJPGPjwAAoJEFHj8CHvnA9YtokP/3wEdlfJs+Li6nAeB1aXBvzX
HXxyP0/65V9CD4ApGCZnHg7CVIZWTUTBTTLv98QD8rTZTajXYA5Xs07mpPy5E4kg
RKUMBR2XawRzUQ07AT0sCOkqhqT/dRhGhuSQGXFDVaQC2hqW+fe4vnlnzfoUSpjV
2Q8cun1lbFe8MnQpPfCth4pW1Hrsj45btbwDAy4xebk7gLfM66anWGWqWqeYLkfC
yt72+XwB7QtYbu6GpK3zMsnTbDedinzLjSpf3bronMbU+LuX/HJ31RvLSBTxjcpb
4PnH3gSeOv/JAK99y/xbgG6lyUIJwc5O/EM26C7QiyMM1zrxeotg4wChHoDrZVAY
YGnQKZFvHocKGy+Ru0qnKT5HUU7mYaNlinKvjSDpx2OZuPh5od2dp2LvVX4D4yiI
XyeoGAPpQGxFTRAAAPdDuIkQSvK5VuRas6p+Qdze5RciiBeYcRajcy9Gjc/zd9lt
KK2ldCwZPNFWtTXzvEF99jz45Lm/xYXRPQU7BVvdwM9PGFtaBSlMq4kj59TQJXjQ
aJGiI4O/w2JjXitSNgMZ+JrsPZHdaI7gQ+IkbZKVYLxG/k+1y6EVwh+zv4TyDW20
7XmsmR1hbBSTxfwL6J5saxuNrmf4FKKPhrUD5+xNFB/0HVS2yt3bemZkeBtE8T49
H0mBs2KuiVt2DwKPj6f+
=KMDt
-----END PGP SIGNATURE-----


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120119-2, 01/19/2012
Tested on: 1/20/2012 12:17:39 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 1567 bytes --]

On Thu, Jan 19, 2012 at 01:22:50PM -0600, Paul Hartman wrote:
> On 1/19/2012 11:32 AM, Chris Walters wrote:
> > On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
> >> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
> >>
> >>> While on this subject, sort of.  Who on here as their email set up to
> >>> encrypt and decrypt emails?  I want to test some things OFF LIST.
> >>
> >> Well, if you had signed your mail, then I could write you encrypted. :)
> > 
> > This is a test.  Enigmail has been trying to use a revoked and expired key to
> > sign my messages, lately.
> > 
> > Chris
> 
> Looks good to me, at least based on what's presently available in the
> keyservers.

Hm... I seem to be too dumb. Mutt tells me that the msg is signed, but doesn't
tell me by whom (I know that I need to have the public key in my keyring to see
a name, but it doesn't even tell me the key ID). Saving the whole mail to a
file and verifying the sig doesn't work either, that too is obvious because 1)
only the text is signed, not the rest of the mail and b) the signed stuff and
the sig need to be two different files for gpg --verify to work. So I saved the
signature.asc and the text separately. Now verification works and I see a key
ID, but using gpg --search <key ID> doesn't find the given key on the server.

GPGing was much easier when KMail still worked. ^^
-- 
Gruß | Greetings | Qapla'
I forbid any use of my email addresses with Facebook services.

The computer is not a miracle.
It only works so fast because it doesn’t think.

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] [OT] Digital signatures

[Mick]

[-- Attachment #1: Type: Text/Plain, Size: 1768 bytes --]

On Friday 20 Jan 2012 07:57:38 Frank Steinmetzger wrote:
> On Thu, Jan 19, 2012 at 01:22:50PM -0600, Paul Hartman wrote:
> > On 1/19/2012 11:32 AM, Chris Walters wrote:
> > > On 1/19/2012 11:57 AM, Frank Steinmetzger wrote:
> > >> On Thu, Jan 19, 2012 at 12:53:07AM -0600, Dale wrote:
> > >>> While on this subject, sort of.  Who on here as their email set up to
> > >>> encrypt and decrypt emails?  I want to test some things OFF LIST.
> > >> 
> > >> Well, if you had signed your mail, then I could write you encrypted.
> > >> :)
> > > 
> > > This is a test.  Enigmail has been trying to use a revoked and expired
> > > key to sign my messages, lately.
> > > 
> > > Chris
> > 
> > Looks good to me, at least based on what's presently available in the
> > keyservers.
> 
> Hm... I seem to be too dumb. Mutt tells me that the msg is signed, but
> doesn't tell me by whom (I know that I need to have the public key in my
> keyring to see a name, but it doesn't even tell me the key ID). Saving the
> whole mail to a file and verifying the sig doesn't work either, that too
> is obvious because 1) only the text is signed, not the rest of the mail
> and b) the signed stuff and the sig need to be two different files for gpg
> --verify to work. So I saved the signature.asc and the text separately.
> Now verification works and I see a key ID, but using gpg --search <key ID>
> doesn't find the given key on the server.
> 
> GPGing was much easier when KMail still worked. ^^

Yes, I dabbled with mutt but I found the gpg and s/mime rather cranky compared 
with the super-smooth integration of kmail and kgpg.  Unfortunately with 
kdepim-4.7 the whole kmail experience has been a rather unpleasant one for me.  
:(
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Chris Walters]

[-- Attachment #1: Type: text/plain, Size: 2447 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 1/20/2012 02:57 AM, Frank Steinmetzger wrote:
> On Thu, Jan 19, 2012 at 01:22:50PM -0600, Paul Hartman wrote:
>> On 1/19/2012 11:32 AM, Chris Walters wrote:
>>>
>>> This is a test.  Enigmail has been trying to use a revoked and expired key to
>>> sign my messages, lately.
>>>
>>> Chris
>>
>> Looks good to me, at least based on what's presently available in the
>> keyservers.
> 
> Hm... I seem to be too dumb. Mutt tells me that the msg is signed, but doesn't
> tell me by whom (I know that I need to have the public key in my keyring to see
> a name, but it doesn't even tell me the key ID). Saving the whole mail to a
> file and verifying the sig doesn't work either, that too is obvious because 1)
> only the text is signed, not the rest of the mail and b) the signed stuff and
> the sig need to be two different files for gpg --verify to work. So I saved the
> signature.asc and the text separately. Now verification works and I see a key
> ID, but using gpg --search <key ID> doesn't find the given key on the server.
> 
> GPGing was much easier when KMail still worked. ^^

Hmmm...  Have you tried running 'gpg -k | less' and searching for either
"Christopher Walters" or the keyid: EF9C0F58.  If my key is not in your public
keys, that would explain the problem identifying who signed the message.  It
sounds like it might be a problem with Mutt not importing the key, though I
could be wrong.

I only dabbled with Mutt a while ago, and now I don't even have an email client
set up on my Gentoo system.  This time, I'll include my key with the message,
so it will have the key.

Chris
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJPGSihAAoJEFHj8CHvnA9Yh9YP/jYpE9mnf2iCY3ihJ3JkVFQ9
Z4t89c+lBnPqaPs2aGoSbjOMcoWziU1f8adoKXv4DxPFNArX1Qgk+VKbt0GN91D7
L+WFdA7Tn/qZi9WfvhmpMFrA2e73OwOq+vUPLhh6cspRULwXx505VXlcv9QStuFf
CfP1rA5WCU9zhikTwPgChZbiDwEZtfe7A8ypybdudHCeygPHQGBHuMV8Qt88inH6
dQIpH/5n1qimCtgQ+3qlVjordo9CU0FhklfhWT5n+zZhjlVOco8By68mISZjsLyH
g3LHzWnAeLI6G5tJ/wXVyFKCIaQTDsGMijqJA9ChEfO0M/wbiX4X+3yy8QxYUzsz
NgKDSqyYpdPVOdmwCvWgZ66epmZXOWWGWqZp5IVrvGTc+SXzrl6GBAosUdTeGk46
KKiNA9WQ7jasBYZvw21vYar1UxUG5UApMfSQmvmUPoJLjq8r4Ngh29Ed8MX83dSO
INDBpHQQ1X2QsLmY8PdA2/BxQ74Zu00DuK8W/ng2ujcpVNLcZOfKYdoCTB4dP8mk
jWpyK6D4+ogDrr+OQ7E9+oeIqku6IdNNRU50/86MgsoGwQTzprY+wauFNigh7sjF
ZfLTGxtjnZqend6buRenKz6sgKKqpl9mOxpLkrIxpRp3wwpNSSzT7mVoxLeV5IW9
YTMfanz4zXaoDYC/tAbD
=1iC+
-----END PGP SIGNATURE-----

[-- Attachment #2: 0xEF9C0F58.asc --]
[-- Type: application/pgp-keys, Size: 3098 bytes --]

[-- Attachment #3.1: avast info --]
[-- Type: text/plain, Size: 207 bytes --]



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120119-2, 01/19/2012
Tested on: 1/20/2012 3:41:09 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Dale]

Paul Hartman wrote:
> On Thursday, January 19, 2012, Dale <rdalek1967@gmail.com
> <mailto:rdalek1967@gmail.com>> wrote:
>> I don't have mine set up to sign them all.  I did a couple to see if it
>> worked or not.  Whenever I sign a message, it asks for the password.  It
>> is quite a long password and I don't want to type it in every time I
>> send something.
> 
> If you use gpg-agent (and configure Enigmail to use it), it will
> remember that you already entered your passphrase for some amount of
> time, so you don't need to keep reentering it over and over during the
> same session.


Well, I dug around and found a time out setting.  It is set to 5
minutes.  At least I know I can change it or get er done in 5 minutes or
less.

Oooops.  "get er done" may violate SOPA.  Am I going to jail?  ROFL

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.

[Tanstaafl]

On 2012-01-19 5:42 PM, Alan McKinnon <alan.mckinnon@gmail.com> wrote:
> There's no known way to decrypt a mail like that without the single
> private key needed (this works exactly like https traffic to your
> bank). I feel very confident saying "no known way" as cracking that
> puzzle has been the Holy Grail of maths prizes for 40 years and no-one
> has announced success. Seeing as mathematicians are a vain lot, and the
> one that accomplishes this feat with be showered with honour and glory
> for all time (making Einstein look like a child), it's a safe
> assumption that it hasn't been done yet.

Heh - yeah, *loved* the movie 'Sneakers'...

Setec Astronomy == Too Many Secrets