Once again: PGnus & PGP

Once again: PGnus & PGP

[Stefanie Teufel]

Huhu,

I'm still looking for a way to decrypt PGP-Messages in Pgnus. I've
attached a message (the Headers) which hopefully illustrates my problen. When I
click on the first button and select [1. application/pgp-encrypted], Gnus shows
me "Version: 1" 

A click on [2. application/octet-stream].. shows the following:

-----BEGIN PGP MESSAGE-----
Version: 2.6.3ia

hQEMAkGniMUOBNGJAQf/TVqfSbhT3WvH90RzDvqb9laZLvl8gQMkU1iTfnSeBk5b
uyc0JMLcAyRtcVeCdpV3wUvN1KZMDKg7sgRzLpCxsLRKqoYQqJpnQ7/E9VNLOKHD
Hjl1wNivdmxThkloog+Box1B5JL3M8ik3jXyWJYGuwR2u519Oda/X88najFOEJCs
qYAzALCT0ffjBMCN6OtmnmNgawGaVG6mjhpEfE319TqtH3BPb03G631Y1kDo0ZjV
IDDpCsx68TPn7DeqX9je5U+8pgPRqTEsALuDj1HgxO5O8R3EiRsz7v7i/i80xlS8
XQmyq46u88yIEP5ETjRe1/Tb/hCyhEARbMKQ9/COyq


an so on. Each time I selected "View as Text, In This Buffer". So I
tried to choose "Pipe to command" with the letter, but that doesn't
work:-( 

I get:


Pretty Good Privacy(tm) 2.6.3i - Public-key encryption for the masses.
(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-01-18
International version - not for use in the USA. Does not use RSAREF.
Current time: 1999/04/07 14:09 GMT

File is encrypted.  Secret key is required to read it. 
Key for user ID: Stefanie Teufel <st@koelner.de>
2048-bit key, key ID 0E04D189, created 1997/06/04
Also known as: Stefanie Teufel <stefanie@dana.de>
Also known as: Stefanie Teufel <s.teufel@ndh.net>

You need a pass phrase to unlock your RSA secret key. 
Enter pass phrase: cannot open tty, using stdin

Unable to get terminal characteristics: ioctl: Not a typewriter


Any ideas what to do?

TIA,

Stefanie

############ Schippel ##############
From: Michael Strauss <Nightshade@os-net.de>
Subject: Wir filtern ...
To: s.teufel@ndh.net
X-Sent: 1 week, 6 days, 17 hours, 12 minutes, 6 seconds ago
X-Gnus-Mail-Source: file:/var/spool/mail/stefanie
Message-ID: <14073.20185.914206.346423@Nemesis.os-net.de>
X-Mailer: VM 6.70 under 21.2 "Demeter" XEmacs Lucid (beta13)
X-UIDL: 80d8b98ba7ec986dc9300a499954bd13
X-Status: A
X-Content-Length: 10318
Lines: 174
X-From-Line: Nightshade@os-net.de  Wed Mar 24 21:51:47 1999
Return-Path: <Nightshade@os-net.de>
Received: from localhost (stefanie@localhost [127.0.0.1])
	by diabolo.ndh.net (8.8.8/8.8.8) with ESMTP id VAA20231
	for <stefanie@localhost>; Wed, 24 Mar 1999 21:51:43 +0100
Received: from mail.ndh.net
	by localhost with POP3 (fetchmail-4.7.8)
	for stefanie@localhost (single-drop); Wed, 24 Mar 1999 21:51:46 +0100 (CET)
Received: from Nemesis.os-net.de (nightshade@di11.wertron.de [195.248.128.75]) by public.ndh.com (8.8.7/8.8.0) with ESMTP id VAA06571 for <s.teufel@ndh.net>; Wed, 24 Mar 1999 21:45:30 +0100 (MET)
Received: (from nightshade@localhost)
	by Nemesis.os-net.de (8.8.8/8.8.8) id VAA00268
	for s.teufel@ndh.net; Wed, 24 Mar 1999 21:45:18 +0100
X-PGP: 2048/35B6DE41   12 AC 91 47 64 D7 23 2E 4A AF 60 A1 4E F9 66 F5
MIME-Version: 1.0
Content-Type: multipart/encrypted; boundary="+";
   protocol="application/pgp-encrypted"
Status: RO
Xref: diabolo.ndh.net Michael:712


[1. application/pgp-encrypted]...



[2. application/octet-stream]...
-- 
Stefanie Teufel			       http://linux01.gwdg.de/~steufel
echo '[dO%O+38%O+PO/d0<0]Fi22os0CC4BA64E418CE7l0xAP'|dc

Re: Once again: PGnus & PGP

[Kai.Grossjohann]

Have you tried to install mailcrypt?  Does it work with pgnus?  I
never tried...
kai
-- 
Abort this operation?   [Abort]  [Cancel]

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Wed, Apr 07, 1999 at 16:33:42 +0200, Kai.Grossjohann@CS.Uni-Dortmund.DE wrote:
> Have you tried to install mailcrypt?  Does it work with pgnus?  I
> never tried...

Yup, but it doesn't work with these MIME-Messages like the one I
attached in my last mail. Other ideas?

Stefanie - clueless and without pgp
-- 
"Warum sollte ich ! Das Satan.pl postet doch weiterhin und macht dieser
 Sprache nun wirklich keine Ehre. Machs doch als Batch. Ms-Dose ist vom
 Niveau besser für dich." Nils.Henkelmann@t-online.de (Nils Henkelmann)

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Stefanie" == Stefanie Teufel <s.teufel@ndh.net> writes:
>>>>> "Kai" == Kai Grossjohann <Kai.Grossjohann@CS.Uni-Dortmund.DE> writes:

    Kai> Have you tried to install mailcrypt?  Does it work with
    Kai> pgnus?  I never tried...

    Stefanie> Yup, but it doesn't work with these MIME-Messages like
    Stefanie> the one I attached in my last mail. Other ideas?

Hrm.  I have yet to receive a PGP message that mailcrypt _doesn't_
like.  Do you have the ability to generate said messages?

Jack.
(willing to help if possible)
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Wed, Apr 07, 1999 at 19:32:36 +0000, Jack Twilley wrote:

> Hrm.  I have yet to receive a PGP message that mailcrypt _doesn't_
> like.  Do you have the ability to generate said messages?

Yes, shure. It's almost everything under windos and the PGP-Messages
out of mutt. Should I send one such a message to your adress? Or
perhaps my mailcrypt settings are incorrect. I use the following:

;;*=======================
;;* load  mailcrypt (XEmacs tool for pgp)
(autoload 'mc-install-write-mode "mailcrypt" nil t)
(autoload 'mc-install-read-mode "mailcrypt" nil t)
(add-hook 'message-mode-hook 'mc-install-write-mode)
(setq mc-encrypt-for-me t
      mc-passwd-timeout 6000)
;;*=======================
;;* mailcrypt-support for gnus
(add-hook 'gnus-summary-mode-hook 'mc-install-read-mode)
 (add-hook 'news-reply-mode-hook 'mc-install-write-mode)
(message "Gnus initialised")

TIA,

Stefanie
-- 
"Liebe Stefanie, leider bist Du kein Mann, deswegen wirst Du gewisse
 Sachen nicht verstehen." ICHTHYS.Seigert.Frank@t-online.de predigt...

Re: Once again: PGnus & PGP

[Jes Sorensen]

>>>>> "Kai" == Kai Grossjohann <Kai.Grossjohann@CS.Uni-Dortmund.DE> writes:

Kai> Have you tried to install mailcrypt?  Does it work with pgnus?  I
Kai> never tried... 

I didn't get it working (GNUS 5.6.45, yes I know I am behind), it
comes up and complains about the buffer being read-only.

Could be my mailcrypt that is outdated of course, but if anybody has a
recipe for getting it working I'd be quite interested.

Jes
.

Re: Once again: PGnus & PGP

[François Pinard]

Jes Sorensen <Jes.Sorensen@cern.ch> writes:

> Could be my mailcrypt that is outdated of course, but if anybody has a
> recipe for getting it working I'd be quite interested.

I have the impression that it works rather flawlessly for me (given the
keys are proper, of course), but I may be mistaken.  I sent my recipes to
the list, a few weeks ago...

-- 
François Pinard                            mailto:pinard@iro.umontreal.ca
Join the free Translation Project!    http://www.iro.umontreal.ca/~pinard

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Jack Twilley <jmt+usenet@nycap.rr.com>  on Wed, 07 Apr 1999
| Hrm.  I have yet to receive a PGP message that mailcrypt _doesn't_
| like.  Do you have the ability to generate said messages?

Mailcrypt doesn't like X-Pgp or PGP/MIME, but that is because PGP itself
does not like X-Pgp or PGP/MIME.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3C/5Sgl+vIlSVSNkRApqQAKC+grwDfOV1vk8rU1bWk9VPiuLJugCfVN0j
4a5KzsCIetUXtSV0lmF0KXE=
=iUSa
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Do not taunt Happy Fun Ball.
Minion of Nathan - Nathan says Hi! \ 
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Rat" == Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

    Jack> Hrm.  I have yet to receive a PGP message that mailcrypt
    Jack> _doesn't_ like.  Do you have the ability to generate said
    Jack> messages?

    Rat> Mailcrypt doesn't like X-Pgp or PGP/MIME, but that is because
    Rat> PGP itself does not like X-Pgp or PGP/MIME.

Mmmm.  That's reason enough for Mailcrypt to consider supporting
PGP/MIME a 'may'.

What mail readers support both 'standard' PGP email and (X-Pgp or
PGP/MIME)?  What _is_ X-Pgp, anyway?

Jack.
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Jack Twilley <jmt+usenet@nycap.rr.com>  on Thu, 08 Apr 1999
| What mail readers support both 'standard' PGP email and (X-Pgp or
| PGP/MIME)?  What _is_ X-Pgp, anyway?

A worse abomination than PGP/MIME.  It strips PGP's block delimiters and
puts the signatures in an X-Pgp header.  Unlike PGP/MIME, there is no way
to reconstruct the article other than trial and error.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3DQW2gl+vIlSVSNkRAjsxAKDEWRH2YMzz8K0zr18wH4aSQRoorACfR1zj
3sd82f41koMFFwwHTqHFduY=
=VAAZ
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ If Happy Fun Ball begins to smoke, get
Minion of Nathan - Nathan says Hi! \ away immediately. Seek shelter and cover
PGP Key: at a key server near you!  \ head.

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Rat" == Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

    Rat> A worse abomination than PGP/MIME.  It strips PGP's block
    Rat> delimiters and puts the signatures in an X-Pgp header.
    Rat> Unlike PGP/MIME, there is no way to reconstruct the article
    Rat> other than trial and error.

Ummm, so what kind of freakish mailers support these evil things?

Jack.
('mail rejected -- stupidass nonstandard encrypted mail not accepted here')
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* <tank@xs4all.nl>  on Fri, 09 Apr 1999
| ...well, in use with tinypgp.
| I'll sign this message with it.. look in the headers.

As you can see, X-Pgp is Evil.  If *ANY* change to the whitespace trailing
the message occours, it is practically impossible to properly reconstruct
the message for signature validation.  In other words, X-Pgp is worse than
useless.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3Dpivgl+vIlSVSNkRAqwGAJ4pWagrnUZGrAfYwzESP9qID3eaCwCfedrR
vJ2n4ZkKiUdVBp7BO9wVLIk=
=Nfyg
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Do not taunt Happy Fun Ball.
Minion of Nathan - Nathan says Hi! \ 
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Rat" == Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

    Rat> As you can see, X-Pgp is Evil.  If *ANY* change to the
    Rat> whitespace trailing the message occours, it is practically
    Rat> impossible to properly reconstruct the message for signature
    Rat> validation.  In other words, X-Pgp is worse than useless.

So declare it an unsupported non-standard, and refuse to acknowledge
those who use it.

Solves the problem from _my_ perspective.

Now what about this PGP/MIME crap?  Is this the message with detached
signature thing?

Jack.
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Carey Evans]

[-- Attachment #1: Type: text/plain, Size: 495 bytes --]

On Sat, Apr 10, 1999 at 12:57:33PM +0000, Jack Twilley wrote:

> Now what about this PGP/MIME crap?  Is this the message with detached
> signature thing?

Yes.  It seems to be generated by mutt, and maybe be TM.  Hopefully
I've managed to sign this message using it.

-- 
	 Carey Evans  http://home.clear.net.nz/pages/c.evans/

"Try explaining a syn-ack-fin-rst scan to a dialup provider abuse drone. You
can almost hear the belt slip off the brain drive shaft."   - Strange in asr

[-- Attachment #2: Type: application/pgp-signature, Size: 290 bytes --]

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Jack Twilley <jmt+usenet@nycap.rr.com>  on Sat, 10 Apr 1999
| So declare it an unsupported non-standard, and refuse to acknowledge
| those who use it.

Which is pretty much exactly what I do.

| Now what about this PGP/MIME crap?  Is this the message with detached
| signature thing?

PGP/MIME uses a combination of detached signatures and MIME encoding to
hide PGP blocks from view.  Unlike X-Pgp, PGP/MIME retains at least some
form of block delimitation which means that unless something really broken
happened it should be possible to reconstruct the message so as to be able
to validate the signature.

MIME itself is Evil, but that is a separate issue. :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3EKajgl+vIlSVSNkRAjeUAKDiQ1OiuklXWHyL2OQcvCY43PvmowCg5EVH
MCXTaSdOPWR0jA7Qd+9u9gk=
=artp
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball may stick to certain types
Minion of Nathan - Nathan says Hi! \ of skin.
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Sun, Apr 11, 1999 at 09:41:56 -0400, Stainless Steel Rat wrote:

> MIME itself is Evil, but that is a separate issue. :)

Okay, but to come back to my initial question: How can I persuade pgnus
to decrypt those weird mutt-pgp/MIME Messages?

Stefanie
-- 
"Easy to use is bullshit" -Stoney Edwards.  So true.  Personally, I'll
take the harder learning curve for the better productivity and
function.					    (Kenneth R. Kinder)

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Stefanie Teufel <teufel@hoelle.org>  on Sun, 11 Apr 1999
| Okay, but to come back to my initial question: How can I persuade pgnus
| to decrypt those weird mutt-pgp/MIME Messages?

Tell people that send you these things not to use the not-widely-supported
Abominations.  Until PGP itself groks PGP/MIME out of the box, PGP/MIME
should not be used.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3EN7Fgl+vIlSVSNkRAppIAJ40LWUAjV0/ybD+V5QoEe89rpnV+gCeIUoK
470FGxoksu3WsGIrxM2p470=
=TbD2
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Do not use Happy Fun Ball on concrete.
Minion of Nathan - Nathan says Hi! \ 
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Rat" == Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

    Jack> So declare it an unsupported non-standard, and refuse to
    Jack> acknowledge those who use it.

    Rat> Which is pretty much exactly what I do.

Hee.  If someone didn't know you, they might call you an elitist or
something.[1]

    Jack> Now what about this PGP/MIME crap?  Is this the message with
    Jack> detached signature thing?

    Rat> PGP/MIME uses a combination of detached signatures and MIME
    Rat> encoding to hide PGP blocks from view.  Unlike X-Pgp,
    Rat> PGP/MIME retains at least some form of block delimitation
    Rat> which means that unless something really broken happened it
    Rat> should be possible to reconstruct the message so as to be
    Rat> able to validate the signature.

Okay.  So if the MIME blocks are analogous to files, why couldn't
mailcrypt simply take the "application/pgp-signature" and apply it to
the previous attachment, whatever it is?  Would that work?  I'm going
to test it on Carey's message, by hand.

    Rat> MIME itself is Evil, but that is a separate issue. :)

Indeed.  However, there are greater and lesser forms of Evil.  I'm
seeing X-Pgp as being Broken Evil, and this PGP/MIME as simply Stupid
Evil.

Jack.

[1]  If someone knew you, they might say the same.  Dunno. ;-)
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Carey" == Carey Evans <c.evans@clear.net.nz> writes:

    Jack> Now what about this PGP/MIME crap?  Is this the message with
    Jack> detached signature thing?

    Carey> Yes.  It seems to be generated by mutt, and maybe be TM.
    Carey> Hopefully I've managed to sign this message using it.

While you may have signed it, no amount of abuse of your message
caused PGP to successfully verify your signature.  Have you ever
successfully verified a signature of a PGP/MIME message?

    Carey> -- Carey Evans http://home.clear.net.nz/pages/c.evans/

Jack.
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Carey Evans]

Jack Twilley <jmt+usenet@nycap.rr.com> writes:

> >>>>> "Carey" == Carey Evans <c.evans@clear.net.nz> writes:
> 
>     Jack> Now what about this PGP/MIME crap?  Is this the message with
>     Jack> detached signature thing?
> 
>     Carey> Yes.  It seems to be generated by mutt, and maybe be TM.
>     Carey> Hopefully I've managed to sign this message using it.
> 
> While you may have signed it, no amount of abuse of your message
> caused PGP to successfully verify your signature.  Have you ever
> successfully verified a signature of a PGP/MIME message?

Mutt successfully verifies my message, as well as others on the
debian-devel mailing list, where PGP/MIME is used by a few people.

To verify the signature manually:

  Save the PGP signature in the application/pgp-signature part, as
  "msg.txt.sig" for example.

  Save the headers and content of the text/plain part, leaving it in
  its MIME encoding, e.g. as "msg.txt".

  Run PGP against the signature, e.g. as "pgp msg.txt.sig".

The process is described in RFC 2015.  By "leaving it in its MIME
encoding, I mean that the first line in the file is the "Content-Type"
header, and my .sig separator "-- " is still QP-encoded as "--=20".

I'm not claiming that PGP/MIME is actually any good, but this is how I
can get a good signature from my message.

-- 
	 Carey Evans  http://home.clear.net.nz/pages/c.evans/

"Try explaining a syn-ack-fin-rst scan to a dialup provider abuse drone. You
can almost hear the belt slip off the brain drive shaft."   - Strange in asr

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Carey" == Carey Evans <c.evans@clear.net.nz> writes:

[... my struggles hand-verifying Carey's message elided ...]

    Carey> Mutt successfully verifies my message, as well as others on
    Carey> the debian-devel mailing list, where PGP/MIME is used by a
    Carey> few people.

Mmmm.  Interesting.

    Carey> To verify the signature manually:

    Carey>   Save the PGP signature in the application/pgp-signature
    Carey> part, as "msg.txt.sig" for example.

This was trivial.

    Carey>   Save the headers and content of the text/plain part,
    Carey> leaving it in its MIME encoding, e.g. as "msg.txt".

This was very difficult.  What headers?  Gnus adds headers, so does
sendmail when sending messages through mail routers, blah blah blah.
I could never get this to work, no matter how hard I tried.

    Carey>   Run PGP against the signature, e.g. as "pgp msg.txt.sig".

This is fine, but it sucks balls if you subscribe to the concept of
using filters and the like.  The filename dependency thing is annoying
too.  Not sure if this is a PGP problem in design or someone taking a
file-based solution and running with it in an email environment or
what.

    Carey> The process is described in RFC 2015.  By "leaving it in
    Carey> its MIME encoding, I mean that the first line in the file
    Carey> is the "Content-Type" header, and my .sig separator "-- "
    Carey> is still QP-encoded as "--=20".

Ugh.  If I could successfully get this to extract, I might forward on
the information to Mailcrypt Len and see if he thinks it could
happen.  It might be something that could be done with gnusish macros
but I wouldn't know.  On the outside, it looks simple.  "Extract
attachment one to a file.  Extract attachment two to a file.sig.  Run
PGP against the second attachment.  Report results.".  Anyone good at
whipping up elisp out there who isn't allergic to PGP/MIME?

    Carey> I'm not claiming that PGP/MIME is actually any good, but
    Carey> this is how I can get a good signature from my message.

Out of curiosity, does mutt support the more standard methods of
signing email messages, like gnus etc.?  Can you sign your messages
the way Rat does, for example?

    Carey> -- Carey Evans http://home.clear.net.nz/pages/c.evans/

Jack.
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[David S. Goldberg]

tm did the pgp/mime thing reasonably well, at least for verification;
I never used it for signing.  This has been hashed out before on this
list.  ISTR that Lars has added pgp/mime to the TODO list and has
plans to look at the tm code for starters.  I've tried using the tm
code directly with minor mods to try to hook it into pgnus but have
had no success and little time to devote to it.
-- 
Dave Goldberg
Post: The Mitre Corporation\MS B325\202 Burlington Rd.\Bedford, MA 01730
Phone: 781-271-3887
Email: dsg@mitre.org

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Jack Twilley <jmt+usenet@nycap.rr.com>  on Sun, 11 Apr 1999
| Hee.  If someone didn't know you, they might call you an elitist or
| something.[1]

I *AM* an elitist.  Or something. :)

| Okay.  So if the MIME blocks are analogous to files, why couldn't
| mailcrypt simply take the "application/pgp-signature" and apply it to
| the previous attachment, whatever it is?  Would that work?  I'm going
| to test it on Carey's message, by hand.

It would.  At least it should.  The problem here is that current versions
of PGP does not properly adhere to PGP standards.  GnuPG might serve you
better in this regard.  Dunnow for sure.

| Indeed.  However, there are greater and lesser forms of Evil.  I'm
| seeing X-Pgp as being Broken Evil, and this PGP/MIME as simply Stupid
| Evil.

I concour.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3EjLIgl+vIlSVSNkRAr7GAKCuXflfeMjQRXC/jphm4tFrK5XcYwCgnnBO
b4sHYtHDz5oQJIEpVJiKYaY=
=UfFJ
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball contains a liquid core,
Minion of Nathan - Nathan says Hi! \ which, if exposed due to rupture, should
PGP Key: at a key server near you!  \ not be touched, inhaled, or looked at.

Re: Once again: PGnus & PGP

[Carey Evans]

Jack Twilley <jmt+usenet@nycap.rr.com> writes:

[snip my attempt to verify the signature on my email]

> This is fine, but it sucks balls if you subscribe to the concept of
> using filters and the like.  The filename dependency thing is annoying
> too.  Not sure if this is a PGP problem in design or someone taking a
> file-based solution and running with it in an email environment or
> what.

OK, my approach was just easier to do manually, and looks like what
mutt does.  You can also do something like:

  Write "-----BEGIN PGP SIGNED MESSAGE-----\n\n".
  Write the raw contents of the signed part, including the MIME headers.
  Write the contents of the application/pgp-signature part.
  Send the whole lot to PGP.

This results in a successful verification of my message, too.  (At
least, I saved it to msg.asc and verified that.)

> Out of curiosity, does mutt support the more standard methods of
> signing email messages, like gnus etc.?  Can you sign your messages
> the way Rat does, for example?

I don't actually *use* mutt, I just knew it created PGP/MIME
signatures.  All the built-in PGP support is geared towards detached
MIME signatures, though.

-- 
	 Carey Evans  http://home.clear.net.nz/pages/c.evans/

"Try explaining a syn-ack-fin-rst scan to a dialup provider abuse drone. You
can almost hear the belt slip off the brain drive shaft."   - Strange in asr

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "Carey" == Carey Evans <c.evans@clear.net.nz> writes:

    Jack> This is fine, but it sucks balls if you subscribe to the
    Jack> concept of using filters and the like.  The filename
    Jack> dependency thing is annoying too.  Not sure if this is a PGP
    Jack> problem in design or someone taking a file-based solution
    Jack> and running with it in an email environment or what.

    Carey> OK, my approach was just easier to do manually, and looks
    Carey> like what mutt does.  You can also do something like:

    Carey>   Write "-----BEGIN PGP SIGNED MESSAGE-----\n\n".  Write
    Carey> the raw contents of the signed part, including the MIME
    Carey> headers.  Write the contents of the
    Carey> application/pgp-signature part.  Send the whole lot to PGP.

Again, my issue with this is this whole "raw contents" part.  Sounds
like it'd be easier to just do it the Right Way instead of faking it.

    Carey> This results in a successful verification of my message,
    Carey> too.  (At least, I saved it to msg.asc and verified that.)

    Jack> Out of curiosity, does mutt support the more standard
    Jack> methods of signing email messages, like gnus etc.?  Can you
    Jack> sign your messages the way Rat does, for example?

    Carey> I don't actually *use* mutt, I just knew it created
    Carey> PGP/MIME signatures.  All the built-in PGP support is
    Carey> geared towards detached MIME signatures, though.

Okay... does tinypgp or whatever you do use do it the Right Way?

Jack.
(feeling curious)
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[David S. Goldberg]

> Again, my issue with this is this whole "raw contents" part.  

Huh?  Just what did you think the signature was based on?  If/when
pgnus does pgp/mime natively, it's going to have to work on the raw
contents since that's what's been signed.  Or do I misunderstand your
objection?  

> Sounds like it'd be easier to just do it the Right Way instead of
> faking it.

According to the pgp/mime draft[1] that is the "Right Way"[2] to deal
with pgp/mime.  That some mail systems do it more transparently than
others is strictly a matter of implementation.  If you use an older
version of gnus with tm, it works just fine.

[1] There are/were two drafts for pgp/mime, one by Elkins, one by
Kazu(sp?).  I'm pretty sure the format we're talking about is Elkins,
which has either become standard or is just the clear winner in
popularity. 

[2] Note to Rat: Don't bother; We already agree that anything related
to MIME should not be called the "Right Way" :-)
-- 
Dave Goldberg
Post: The Mitre Corporation\MS B325\202 Burlington Rd.\Bedford, MA 01730
Phone: 781-271-3887
Email: dsg@mitre.org

Re: Once again: PGnus & PGP

[Jack Twilley]

>>>>> "David" == David S Goldberg <dsg@mitre.org> writes:

    Jack> Again, my issue with this is this whole "raw contents" part.
    David> Huh?  Just what did you think the signature was based on?
    David> If/when pgnus does pgp/mime natively, it's going to have to
    David> work on the raw contents since that's what's been signed.
    David> Or do I misunderstand your objection?

My objection is to the definition of the term.  I tried to extract the
entire "raw contents" using standard MIME tools, and I failed to
extract anything that could be successfully verified by the
signature.  Therefore, "raw contents" is too nebulous for me to even
begin to implement the verification process.

    Jack> Sounds like it'd be easier to just do it the Right Way
    Jack> instead of faking it.

    David> According to the pgp/mime draft[1] that is the "Right
    David> Way"[2] to deal with pgp/mime.  That some mail systems do
    David> it more transparently than others is strictly a matter of
    David> implementation.  If you use an older version of gnus with
    David> tm, it works just fine.

I'm saying that the Right Way is the way Rat and others do it, and
that this PGP/MIME hooey is Stupid Evil.  PGP/MIME is the Wrong Way,
by virtue of the stuff I did above.  If I sign a message the way Rat
and others do it (if there's a better name for the standard, let me
know), then I can verify it easily whether I'm using Gnus or
hotmail.com or anything at all.  This stuff, I can't do by hand.

Jack.
(the Ratstandard?)
-- 
Jack Twilley
jmt@nycap.rr.com
.

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Mon, Apr 12, 1999 at 20:44:21 +0000, Jack Twilley wrote:

> I'm saying that the Right Way is the way Rat and others do it, and
> that this PGP/MIME hooey is Stupid Evil.  PGP/MIME is the Wrong Way,

Hmm, it might be the wrong way - despite the fact, that somebody told
me today, that there seems to exist a RFC which defines/declares this
PGP/MIME-thingie as the correct behaviour - but there are a bunch of
popular MUAs out there handling PGP that way. So once again my
question: is there a chance to persuade pgnus to decrypt those
messages?

Stefanie
-- 
als typisch für linux benutzer gilt aber wohl immernoch eher was ala:
"man blafurz | grep RTFM | cut -c  /d 10-2837 | uahha"  (Adam Kopacz)

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Jack Twilley <jmt+usenet@nycap.rr.com>  on Mon, 12 Apr 1999
| Jack.
| (the Ratstandard?)

Nope: PEM (Privacy Enhanced Mail), which existed long before PGP/MIME, and
possibly before MIME.

It should be possible to dump a PGP/MIME message straight to PGP and expect 
PGP to Do The Right Thing.  Until that becomes a reality, PGP/MIME is at
best a sporadically used standard that looks nice on paper but is more
trouble than it is worth for most users.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3Emnmgl+vIlSVSNkRAs+XAJ9EeEQBiDaRu7caET14S6SrXMhQeACg2NIL
K+nlTAFZNIMUV6E1CexJJNg=
=+ICU
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Ingredients of Happy Fun Ball include an
Minion of Nathan - Nathan says Hi! \ unknown glowing substance which fell to
PGP Key: at a key server near you!  \ Earth, presumably from outer space.

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Stefanie Teufel <teufel@hoelle.org>  on Mon, 12 Apr 1999
| Hmm, it might be the wrong way - despite the fact, that somebody told
| me today, that there seems to exist a RFC which defines/declares this
| PGP/MIME-thingie as the correct behaviour

Just because someone drafted a Request for Comments does not make the
standard described therein a good one.

| - but there are a bunch of popular MUAs out there handling PGP that way.

And just because some MUAs implement a standard does not make it a good
one.  There are a lot of seriously broken standards out there.  'Ident' is
probably my favorite in that category.  Practically every IRC server in the
world uses ident, but it is still a hopelessly usless, utterly broken
concept that should be abandoned.

PGP/MIME is not quite so bad (though X-Pgp is :).  In fact, it does serve a
useful purpose.  But for it to be truely useful for everyone, which is
something of a requirement for PGP, PGP must be able to deal with it
directly, at least as far as decryption and signature verification are
concerned.

| So once again my question: is there a chance to persuade pgnus to decrypt
| those messages?

Not likely.  There are too many potential legal problems with supporting
strong cryptography.  Of note, according to the US Department of Justice,
simply having hooks for strong crypto, such as PGP, included in the
software qualifies it for export restriction.  The Department of Commerce
disagrees, and usually writes an export permit.  But even then the
distribution of the code is restricted to the owner of the permit, and that
violates one of the precepts of the FSF.

Importing is not a legal problem, but Lars has stated that he does not want
to split up the Gnus source tree.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3EocMgl+vIlSVSNkRArPsAKCvel+q+iBHYsTMaoRucRhzghNm/ACbBbzV
Z99foHYeJOUdg/Rdp+I/4fM=
=6mMJ
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Do not taunt Happy Fun Ball.
Minion of Nathan - Nathan says Hi! \ 
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Russ Allbery]

Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

> PGP/MIME is not quite so bad (though X-Pgp is :).  In fact, it does
> serve a useful purpose.  But for it to be truely useful for everyone,
> which is something of a requirement for PGP, PGP must be able to deal
> with it directly, at least as far as decryption and signature
> verification are concerned.

Someone from PGP, Inc. is claiming in netscape.public.mozilla.mail-news
that PGP supports PGP/MIME.  (Of course, this person also claimed that the
PGPsdk was free software, so I'd take this with a grain of salt, but.)

-- 
Russ Allbery (rra@stanford.edu)         <URL:http://www.eyrie.org/~eagle/>

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Russ Allbery <rra@stanford.edu>  on Mon, 12 Apr 1999
| Someone from PGP, Inc.

PGP, Inc., no longer exists.  It was bought out by NAI (Network Associates)
a year or two back.  And NAI is not a name I trust.

| is claiming in netscape.public.mozilla.mail-news that PGP supports
| PGP/MIME.

If so, this is a rather new development, and probably only of use to
Windoze users as NAI has almost completely abandoned command-line versions
of PGP.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3EpZ4gl+vIlSVSNkRAh3nAKDTfcF0Y0c3t7Ur/ZrRU+wiVAWDfgCdEZJB
kcJl6xC366K0Njd5QqqbBFY=
=ugSR
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball contains a liquid core,
Minion of Nathan - Nathan says Hi! \ which, if exposed due to rupture, should
PGP Key: at a key server near you!  \ not be touched, inhaled, or looked at.

Re: Once again: PGnus & PGP

[Russ Allbery]

Stainless Steel Rat <ratinox@peorth.gweep.net> writes:
> * Russ Allbery <rra@stanford.edu>  on Mon, 12 Apr 1999:

> | Someone from PGP, Inc.

> PGP, Inc., no longer exists.  It was bought out by NAI (Network
> Associates) a year or two back.  And NAI is not a name I trust.

I distinguish because I think there are people who are working for the PGP
division of NAI who are decent people, in contrast to NAI who I basically
consider to be sub-human scum.  So I try to give them the benefit of the
doubt when possible.  Anyway, s/PGP, Inc/the PGP division of NAI/.

> If so, this is a rather new development, and probably only of use to
> Windoze users as NAI has almost completely abandoned command-line
> versions of PGP.

I'd really like to see support for all this stuff added to GnuPG and then
just be done with PGP completely.  It's just not clear to me how much I,
as an American, can help without causing the GnuPG project trouble, which
really sucks.

-- 
Russ Allbery (rra@stanford.edu)         <URL:http://www.eyrie.org/~eagle/>

Re: Once again: PGnus & PGP

[Lars Magne Ingebrigtsen]

Stefanie Teufel <teufel@hoelle.org> writes:

> Okay, but to come back to my initial question: How can I persuade pgnus
> to decrypt those weird mutt-pgp/MIME Messages?

Well, it should be pretty easy to do -- we add a handler for
multpart/signed, and let an external decrypter/verifyer handle it.  (I 
can't do it in Gnus itself, since that would be illegal.)  Er.  But
that would mean that I have to add a general mechanism for handling
multipart/* stuff, which I probably should do anyway, so I'll just do
that right away.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Sat, Apr 17, 1999 at 09:49:02 +0200, Lars Magne Ingebrigtsen wrote:

> Well, it should be pretty easy to do -- we add a handler for
> multpart/signed, and let an external decrypter/verifyer handle it.  (I 
> can't do it in Gnus itself, since that would be illegal.)  Er.  But

Hmm, but who would do it then? 

> that would mean that I have to add a general mechanism for handling
> multipart/* stuff, which I probably should do anyway, so I'll just do
> that right away.

Sounds great, thxs.

Stefanie
-- 
"Ui! Ich hatte bei zwei, drei Deiner vorangegangenen Postings gedacht,
 deren Güte sei nicht mehr zu unterbieten gewesen - aber da muß ich mich
 dann ja doch eines besseren belehren lassen!" (schroeder@pobox.com)

Re: Once again: PGnus & PGP

[William M. Perry]

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> Stefanie Teufel <teufel@hoelle.org> writes:
> 
> > Okay, but to come back to my initial question: How can I persuade pgnus
> > to decrypt those weird mutt-pgp/MIME Messages?
> 
> Well, it should be pretty easy to do -- we add a handler for
> multpart/signed, and let an external decrypter/verifyer handle it.  (I
> can't do it in Gnus itself, since that would be illegal.)  Er.  But that
> would mean that I have to add a general mechanism for handling
> multipart/* stuff, which I probably should do anyway, so I'll just do
> that right away.

Make it able to be done by any arbitrary elisp function.  From the point of 
view of the NSA, having an external function or a DLL/script do the munging 
is equivalent.  It is still a 'hook' for some 3rd party to do the
encryption.

Technically, ssl.el is illegal. :)

Remember, the NSA made the NCSA Mosaic guys take out there PGP & HTTP
hybrid because they used an external process to deal with it.

-Bill P.

Re: Once again: PGnus & PGP

[Kai.Grossjohann]

wmperry@aventail.com (William M. Perry) writes:

  > Make it able to be done by any arbitrary elisp function.  From the
  > point of view of the NSA, having an external function or a
  > DLL/script do the munging is equivalent.  It is still a 'hook' for
  > some 3rd party to do the encryption.

Does that mean file-name-handler-alist is illegal because you can use
it to hook up PGP to Emacs?

Eek.

Intuitively, I'd say that a hook which is meant to be used for
something else but can be abused to do the encryption thing should not
be illegal.  But you never know, with these lawyer types...

kai
-- 
Abort this operation?   [Abort]  [Cancel]

Re: Once again: PGnus & PGP

[Hrvoje Niksic]

Kai.Grossjohann@CS.Uni-Dortmund.DE writes:

> wmperry@aventail.com (William M. Perry) writes:
> 
>   > Make it able to be done by any arbitrary elisp function.  From the
>   > point of view of the NSA, having an external function or a
>   > DLL/script do the munging is equivalent.  It is still a 'hook' for
>   > some 3rd party to do the encryption.
> 
> Does that mean file-name-handler-alist is illegal because you can
> use it to hook up PGP to Emacs?

No; I believe `file-name-pgp-handler' with PGP-friendly defaults would
be illegal.

A "general mechanism for handling multiparts" sounds NSA-friendly to
me.  Bill?

Re: Once again: PGnus & PGP

[Lars Magne Ingebrigtsen]

Stefanie Teufel <teufel@hoelle.org> writes:

> > Well, it should be pretty easy to do -- we add a handler for
> > multpart/signed, and let an external decrypter/verifyer handle it.  (I 
> > can't do it in Gnus itself, since that would be illegal.)  Er.  But
> 
> Hmm, but who would do it then? 

Well, somebody else.  Preferrably someone who doesn't live in a
country that's affected by these laws.

Heh.  I wonder whether this discussion could be prosecuted as a
conspiracy to commit a crime.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Once again: PGnus & PGP

[Lars Magne Ingebrigtsen]

wmperry@aventail.com (William M. Perry) writes:

> Make it able to be done by any arbitrary elisp function.

Yup.  The function will be passed the MIME handle, so it can do
whatever it wants with it.  What I think it wants to do with it is to
verify the first part with the second part (the signature), and then
call `gnus-display-mime' with the first part to insert it.  It should
be simple to write.

> From the point of view of the NSA, having an external function or a
> DLL/script do the munging is equivalent.  It is still a 'hook' for
> some 3rd party to do the encryption.

Yup.  By doing it in a totally generic way, I don't think that Gnus
can be prosecuted.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Once again: PGnus & PGP

[William M. Perry]

Hrvoje Niksic <hniksic@srce.hr> writes:

> Kai.Grossjohann@CS.Uni-Dortmund.DE writes:
> 
> > wmperry@aventail.com (William M. Perry) writes:
> > 
> >   > Make it able to be done by any arbitrary elisp function.  From the
> >   > point of view of the NSA, having an external function or a
> >   > DLL/script do the munging is equivalent.  It is still a 'hook' for
> >   > some 3rd party to do the encryption.
> > 
> > Does that mean file-name-handler-alist is illegal because you can
> > use it to hook up PGP to Emacs?
> 
> No; I believe `file-name-pgp-handler' with PGP-friendly defaults would
> be illegal.
> 
> A "general mechanism for handling multiparts" sounds NSA-friendly to me.
> Bill?

That should not be a problem.  In general it seems that it is much more a
'marketing' decision than any technical decision on the part of the NSA.
For example, the netscape plugin API for URL loading can _EASILY_ be used
to replace their HTTPS implementation with a 128-bit version, even outside
the US.  But since they do not MARKET the API as a way to add encryption to
the product, the NSA doesn't care.  But we at Aventail made the mistake of
saying our plugin API was expressly for authentication and encryption, and
WHAMMO we had to put in a whole slew of stupid licensing #!%@ to make them
happy.  Whaaaa. :(

If you made it follow something like the 'cid' handling for Emacs/W3 you
would be all set.  A generic elisp function just gets called with the mm
handle, or a list of all the content-ids.

Does MIME/PGP do something sane like match the signature to the content-id
that it signs?  Otherwise, what do you do if someone sends a text/plain
part, an application/x-foobar part, and the signature.  Which chunk does
the signature `belong' to?

-Bill P.

Re: Once again: PGnus & PGP

[William M. Perry]

Kai.Grossjohann@CS.Uni-Dortmund.DE writes:

> wmperry@aventail.com (William M. Perry) writes:
> 
>   > Make it able to be done by any arbitrary elisp function.  From the
>   > point of view of the NSA, having an external function or a
>   > DLL/script do the munging is equivalent.  It is still a 'hook' for
>   > some 3rd party to do the encryption.
> 
> Does that mean file-name-handler-alist is illegal because you can use it
> to hook up PGP to Emacs?
> 
> Eek.
> 
> Intuitively, I'd say that a hook which is meant to be used for something
> else but can be abused to do the encryption thing should not be illegal.
> But you never know, with these lawyer types...

See my followup to Hrvoje for details, but both are techincally illegal,
but one is let thru much more easily by the NSA.  Bunch of goons.

-bp

Re: Once again: PGnus & PGP

[William M. Perry]

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> Stefanie Teufel <teufel@hoelle.org> writes:
> 
> > > Well, it should be pretty easy to do -- we add a handler for
> > > multpart/signed, and let an external decrypter/verifyer handle it.  (I 
> > > can't do it in Gnus itself, since that would be illegal.)  Er.  But
> > 
> > Hmm, but who would do it then? 
> 
> Well, somebody else.  Preferrably someone who doesn't live in a
> country that's affected by these laws.
> 
> Heh.  I wonder whether this discussion could be prosecuted as a
> conspiracy to commit a crime.  :-)

Don't laugh too hard, it probably could. :)

-Bill P.

Re: Once again: PGnus & PGP

[Hrvoje Niksic]

wmperry@aventail.com (William M. Perry) writes:

> Does MIME/PGP do something sane like match the signature to the
> content-id that it signs?  Otherwise, what do you do if someone
> sends a text/plain part, an application/x-foobar part, and the
> signature.  Which chunk does the signature `belong' to? (...)

There are two MIME PGP things: the old brain-damaged one
(application/pgp-signature), and the rfc2015 one, which looks quite
useful to me.  The latter signs or encrypts the whole MIME message,
not just a part.  Example message looks like this:

     From: Michael Elkins <elkins@aero.org>
     To: Michael Elkins <elkins@aero.org>
     Mime-Version: 1.0
     Content-Type: multipart/encrypted; boundary=foo;
        protocol="application/pgp-encrypted"

     --foo
     Content-Type: application/pgp-encrypted

     Version: 1

     --foo
     Content-Type: application/octet-stream

     -----BEGIN PGP MESSAGE-----
     Version: 2.6.2

     hIwDY32hYGCE8MkBA/wOu7d45aUxF4Q0RKJprD3v5Z9K1YcRJ2fve87lMlDlx4Oj
     eW4GDdBfLbJE7VUpp13N19GL8e/AqbyyjHH4aS0YoTk10QQ9nnRvjY8nZL3MPXSZ
     g9VGQxFeGqzykzmykU6A26MSMexR4ApeeON6xzZWfo+0yOqAq6lb46wsvldZ96YA
     AABH78hyX7YX4uT1tNCWEIIBoqqvCeIMpp7UQ2IzBrXg6GtukS8NxbukLeamqVW3
     1yt21DYOjuLzcMNe/JNsD9vDVCvOOG3OCi8=
     =zzaA
     -----END PGP MESSAGE-----

     --foo--

Now, you feed the "octet-stream" part to PGP, extract the MIME message
(possibly including multiparts and everything), and *show* that.
Because the whole MIME thing is encrypted/signed, you needn't worry
about CID's.

Re: Once again: PGnus & PGP

[Stefanie Teufel]

On Sat, Apr 17, 1999 at 17:15:58 +0200, Lars Magne Ingebrigtsen wrote:

> Well, somebody else.  Preferrably someone who doesn't live in a
> country that's affected by these laws.

Hmmm, so what can I do? How can I find that "somebody else"?

> Heh.  I wonder whether this discussion could be prosecuted as a
> conspiracy to commit a crime.  :-)

I love a real good conspiracy;-)

Stefanie
-- 
"Bill Gates isn't the Devil - Satan made sure Hell worked before he
 opened it to the damned..."

Re: Once again: PGnus & PGP

[Jari Aalto+list.ding]

* Thu 1999-04-08 Stainless Steel Rat <ratinox@peorth.gweep.net> list.ding
* Message-Id: <99Apr8.153506edt.13862-3@gateway.intersys.com>
| * Jack Twilley <jmt+usenet@nycap.rr.com>  on Thu, 08 Apr 1999
| | What mail readers support both 'standard' PGP email and (X-Pgp or
| | PGP/MIME)?  What _is_ X-Pgp, anyway?
| 
| A worse abomination than PGP/MIME.  It strips PGP's block delimiters and
| puts the signatures in an X-Pgp header.  Unlike PGP/MIME, there is no way
| to reconstruct the article other than trial and error.

C'mon Rat, this was discussed 3 years ago with proven results that 
PGP can be reduces to header based X-pgp and still be validated.
(See Gnus group from dejanews)

But anyway, it was intermediate choice before PGP/MIME. The X-pgp does not
exist any more. The PGP/MIME is the preferred format.

jari

Re: Once again: PGnus & PGP

[Jari Aalto+list.ding]

* Mon 1999-04-12 Jack Twilley <jmt+usenet@nycap.rr.com> list.ding
* Message-Id: <m31zhqpo74.fsf@duchess.3b2.org>
| >>>>> "Carey" = Carey Evans <c.evans@clear.net.nz> writes:
| 
|     Jack> Now what about this PGP/MIME crap?  Is this the message with
|     Jack> detached signature thing?
| 
|     Carey> Yes.  It seems to be generated by mutt, and maybe be TM.
|     Carey> Hopefully I've managed to sign this message using it.
| 
| While you may have signed it, no amount of abuse of your message
| caused PGP to successfully verify your signature.  Have you ever
| successfully verified a signature of a PGP/MIME message?

I did it all the timne with TM. The PGP/MIME support that I wrote to
TinyPgp/TM/early SEMI was working perfectly. Then I got busy at my work and
saw rapid SEMI and Gnus development and I didn't have time to update
TinyPgp for over a year/two.

I'm looking into restoring the PGP/MIME with TM and SEMI in some
time schelude after the summer. 

jari

Re: Once again: PGnus & PGP

[Jari Aalto+list.ding]

* 1999-04-12 Stainless Steel Rat <ratinox@peorth.gweep.net> list.ding
* Message-Id: <m3hfqlv1mb.fsf@peorth.gweep.net>
| * Stefanie Teufel <teufel@hoelle.org>  on Mon, 12 Apr 1999
| | Hmm, it might be the wrong way - despite the fact, that somebody told
| | me today, that there seems to exist a RFC which defines/declares this
| | PGP/MIME-thingie as the correct behaviour
| 
| Just because someone drafted a Request for Comments does not make the
| standard described therein a good one.

It's not something new...

        There is already standard by IETF working group in RFC 2015,
        where the PGP is handled transparently in MIME message.

            Title:      MIME Security with Pretty Good Privacy (PGP)
            Author:     M. Elkins
            Date:       October 1996
            Mailbox:    P.O. Box 92957 - M1/102
                        Los Angeles, CA 90009-2957
            Pages:      8
            Characters: 14,223
            Updates/Obsoletes:  None

            URL:        ftp://ds.internic.net/rfc/rfc2015.txt

| Not likely.  There are too many potential legal problems with supporting
| strong cryptography.  Of note, according to the US Department of Justice,
| simply having hooks for strong crypto, such as PGP, included in the
| software qualifies it for export restriction.  The Department of Commerce
| disagrees, and usually writes an export permit.  But even then the
| distribution of the code is restricted to the owner of the permit, and that
| violates one of the precepts of the FSF.

This is outrage for us Europeans too. The idiotic Goverments went and
signed Wassenaar[1] agreement without telling the people about it at all!
Can you imagine Finland to be part of it? A pioneer of free speech with
anon.penet.fi[2]. It makes me sick to see back boneless representatives
in our goverment that for the first time have sneaked to escape our
public voice (press) strorm which would have happened if we would
have known about the negotiations.

For the history, there is short exerpt what the X-pgp was all about[3]. I
have removd the document from public access that described the non-formal
standard, because now MIME is here. The Newsgroup moderators used X-pgp
first to approve the posts. (PgpMoose - Greg Rose) (Pgpcontrol - Richard
Letts)

jari

Footnotes: 
[1]     "National export controls"
        http://www.wassenaar.org/
 

[2]     http://www.penet.fi/
        http://www2.thecia.net/users/rnewman/scientology/anon/penet.html
        ...With the shutdown of Julf Helsingus popular pseudonymous
        remailer anon.penet.fi and with the work of Winfried Muller
        in the sects information project Religio the need for a new
        pseudonymous remailer grow up.

[3]     The aim of the x-pgp is to leave the message body for text and
        utilize headers to carry the signature information.

        "...attempts to reach an agreement for an informal, nonstandard way
        of hiding PGP signature data in mail headers, so that signed mail
        can be exchanged without cluttering the message body, yet without
        requiring MIME. Hopefully, doing tricks without requiring MIME is
        a short-term sort of need, but we do seem to have that need right
        now." Jack Repenning <jackr@illustra.com>


            H    To: foo@site.com
            .    --text follows this line--
            B    -----BEGIN PGP SIGNED MESSAGE-----
            B
            B    test message
            B
            B 1  -----BEGIN PGP SIGNATURE-----
            B 2  Version: 2.6.3ia
            B 3  Charset: noconv
            B 4  Comment: Processed by xxx
            B 5
            B 6  iQBVAwUBMbW4lMC67dVHFB01AQHB6wH9EV5vJ/hBCUqBGJc5470cu6
            B 7  QinJdFrRtd/Mm1hkGqqU8FIgQPK/trviQyti2UQCrnUosYSJdRaCFw==
            B 8  =/Deu
            B 9  -----END PGP SIGNATURE-----

        Finally we move the PGP information to the headers.

            H    To: foo@site.com
            H    X-Pgp-Signed: Version=2.6.3ia; Charset=noconv;
            H        Comment="Processed by xxx"; Signature=
            H        "iQBVAwUBMbW4lMC67dVHFB01AQHB6wH9EV5vJ/hBCUqBGJc5470cu6"
            H        "QinJdFrRtd/Mm1hkGqqU8FIgQPK/trviQyti2UQCrnUosYSJdRaCFw=="
            H        "=/Deu";
            .    --text follows this line--
            B    test message
            B

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* jari.aalto@poboxes.com (Jari Aalto+list.ding)  on Tue, 20 Apr 1999
| C'mon Rat, this was discussed 3 years ago with proven results that
| PGP can be reduces to header based X-pgp and still be validated.
| (See Gnus group from dejanews)

And my own personal experience with X-Pgp is that it is trivial for a
message to be modified such that it cannot be automatically validated.
Specifically, while I was running a news server at the Dana-Farber Cancer
Institute, I could not automatically check newgroup and rmgroup controls
because the news to mail gating added whitespace to those articles.  At the
time, X-Pgp signatures were used with all official 'big 6' controls.  I had 
to manually edit each control message several times in an attempt to get
the correct trailing whitespace, each time rebuilding the signature block
delimiters, in order to validate the signatures.  After doing that three or 
four times, and being told I was stupid by those using X-Pgp, I stopped
bothering.

In other words, while your statement is true, it is misleading: X-Pgp can
*usually* be validated, but sometimes it cannot.  That 'sometimes it
cannot' makes it utterly useless.

PGP/MIME was nascent back when PGP 2.3a was new, long before X-Pgp was an
idea.  Actually, X-Pgp was an idea that far back, but it was abandoned for
exactly the reasons I described above.  X-Pgp was never preferred by anyone 
except those who refused to accept the fact that it is ridiculously,
stupidly broken.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3HILTgl+vIlSVSNkRAuQAAJ44Rf5BuDTwDe0muqTNIKeQncHQ9QCgxq9h
eiiplSfARqBxvM90qNpZ5S4=
=e5AW
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Caution: Happy Fun Ball may suddenly
Minion of Nathan - Nathan says Hi! \ accelerate to dangerous speeds.
PGP Key: at a key server near you!  \ 

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* jari.aalto@poboxes.com (Jari Aalto+list.ding)  on Tue, 20 Apr 1999
| | Just because someone drafted a Request for Comments does not make the
| | standard described therein a good one.

| It's not something new...

I never said it was something new.  I said that just because someone wrote
a standard and submitted it to the IETF does not automatically make it a
good standard.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3HIO2gl+vIlSVSNkRAsX7AJ9nfAuqzKEqrKD07qiL6+I1pgJ0EgCfTFlg
FOSb8MVOqr/6+wz5jikLoVs=
=KrsK
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball contains a liquid core,
Minion of Nathan - Nathan says Hi! \ which, if exposed due to rupture, should
PGP Key: at a key server near you!  \ not be touched, inhaled, or looked at.

Re: Once again: PGnus & PGP

[Hrvoje Niksic]

Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

> * jari.aalto@poboxes.com (Jari Aalto+list.ding)  on Tue, 20 Apr 1999
> | | Just because someone drafted a Request for Comments does not make the
> | | standard described therein a good one.
> 
> | It's not something new...
> 
> I never said it was something new.  I said that just because someone wrote
> a standard and submitted it to the IETF does not automatically make it a
> good standard.

What is wrong about it (except for it not being supported by PGP
itself)?  At least it guarantees you the ability to recover the whole
MIME message.

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Hrvoje Niksic <hniksic@srce.hr>  on Tue, 20 Apr 1999
| What is wrong about it (except for it not being supported by PGP
| itself)?  At least it guarantees you the ability to recover the whole
| MIME message.

The purpose of digital signatures is to validate that a message has been
transmitted without modification.

Many mail and news systems will append whitespace to messages.  Some strip
whitespace.  To compensate, following the lead set by the PEM format
standard, PGP marks signed areas with delimiters.  Thus, if a message has
whitespace appended or removed, it will not affect the signed area.

X-Pgp removes those delimiters.

If the message body is modified in transmission, the signed area will have
changed.  Correct reconstruction of the message cannot be guaranteed.  If
reconstruction cannot be guaranteed, validation of the signature cannot be,
either.  If the message's signature cannot be validated, then the signature
is useless.

X-Pgp is a 'standard'.  It is a *BAD* standard.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3HRS1gl+vIlSVSNkRAuIxAKDm24P+5p4ghvjyfJzOGCRmeQcW2gCfa2Mt
LD4Dx+cKPt/U6rYRAEWrQdY=
=AXgJ
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ When not in use, Happy Fun Ball should be
Minion of Nathan - Nathan says Hi! \ returned to its special container and
PGP Key: at a key server near you!  \ kept under refrigeration.

Re: Once again: PGnus & PGP

[Kai.Grossjohann]

Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

  > Many mail and news systems will append whitespace to messages.  Some strip
  > whitespace.  To compensate, following the lead set by the PEM format
  > standard, PGP marks signed areas with delimiters.  Thus, if a message has
  > whitespace appended or removed, it will not affect the signed area.
  > 
  > X-Pgp removes those delimiters.

IMHO, X-Pgp could be improved by specifying that trailing whitespace
should be removed before signing or verifying the signature.  This is
a kludge, but it might work, might it not?

kai
-- 
Abort this operation?   [Abort]  [Cancel]

Re: Once again: PGnus & PGP

[Jari Aalto+list.ding]

* 1999-04-21 Kai.Grossjohann@CS.Uni-Dortmund.DE list.ding
* Message-Id: <vafso9ue8xk.fsf@ramses.cs.uni-dortmund.de>
| Stainless Steel Rat <ratinox@peorth.gweep.net> writes:
| 
|   > Many mail and news systems will append whitespace to messages.  Some strip
|   > whitespace.  To compensate, following the lead set by the PEM format
|   > standard, PGP marks signed areas with delimiters.  Thus, if a message has
|   > whitespace appended or removed, it will not affect the signed area.
|   > 
|   > X-Pgp removes those delimiters.
| 
| IMHO, X-Pgp could be improved by specifying that trailing whitespace
| should be removed before signing or verifying the signature.  This is
| a kludge, but it might work, might it not?


Uhm. I hate to repeat this all over again. 

When I wrote the X-pgp specification it addressed excatly this problem. The
mesasge were SMF'd (Stripped message formatted), ie. there was strict rules
how to guarrantee whitespace stripping/adding BEFORE signing and
the same was done in the receiving end by doing exactly the same SMF.

Rat dind't understood (maybe he dind't review the spec) that the white
spaces never affected the X-pgp specification I put formally on paper. I
used X-pgp for years without any problems on verifying the message.

The problem was with mailing lists that WENT and modified the body by
adding text to the beginning oe end of the body. In this respect the 
only reliable way is to use those PGP delimiter TAGS. In newsgrousp it was
never a problem and you will find many of my X-pgp signed messages posted
in gnu group somewhere 1995-1997. I bet they still can be verified today
acconding to X-pgp spec.

As long as the only change in body concerned whitespaces, it was as 
robust as regular pgp signing.

Anyway, The X-pgp was an interim solution when we all waited for
MIME to be widely recognized. I've been long disabled the feature
from TinyPgp in favour of PGP/MIME, so let's drop pointing to X-pgp,
shall we?

jari

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* jari.aalto@poboxes.com (Jari Aalto+list.ding)  on Wed, 21 Apr 1999
| The problem was with mailing lists that WENT and modified the body by
| adding text to the beginning oe end of the body. In this respect the
| only reliable way is to use those PGP delimiter TAGS.

Did you ever stop to consider that those of us on the PGP development
mailing list ca PGP 2.3a -- which I was and you were not -- had considered
and abandoned something similar to X-pgp for exactly that reason?
Stripping the PEM-style delimiters is a BAD THING if you replace them with
nothing.

| In newsgrousp it was never a problem and you will find many of my X-pgp
| signed messages posted in gnu group somewhere 1995-1997. I bet they still
| can be verified today acconding to X-pgp spec.

So, the numerous *USENET* control messages signed with X-pgp that I could
not validate are just a figment of my imagination.  I have had a 100%
failure rate with X-pgp in exactly the environment you believe works 100%.
That is why I say X-pgp is a bad standard and recomend that anyone using it 
be smacked upside the head with a large, heavy object.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3HeDigl+vIlSVSNkRAlABAJ4xX7OQ9ptpWJqsVEsMLmDwvPQnWgCg2w0/
8qgTTZQ1CPk2tlVVhrpe1qU=
=8eqZ
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Warning: pregnant women, the elderly, and
Minion of Nathan - Nathan says Hi! \ children under 10 should avoid prolonged
PGP Key: at a key server near you!  \ exposure to Happy Fun Ball.

Re: Once again: PGnus & PGP

[Jari Aalto+list.ding]

[-- Attachment #1: Type: text/plain, Size: 1453 bytes --]

* Wed 1999-04-21 Stainless Steel Rat <ratinox@peorth.gweep.net> list.ding
* Message-Id: <99Apr21.102640edt.13846-3@gateway.intersys.com>
| | In newsgrousp it was never a problem and you will find many of my X-pgp
| | signed messages posted in gnu group somewhere 1995-1997. I bet they still
| | can be verified today acconding to X-pgp spec.
| 
| So, the numerous *USENET* control messages signed with X-pgp that I could
| not validate are just a figment of my imagination.  I have had a 100%
| failure rate with X-pgp in exactly the environment you believe works 100%.
| That is why I say X-pgp is a bad standard and recomend that anyone using it 
| be smacked upside the head with a large, heavy object.

We talk about different X-pgp's. The X-pgp I'm referring to is
the formalised description that addressed the problem you described
(spaces). It is not the same X-pgp that you learnt to know at the start of
X-pgp era.

The X-pgp I formalised was never meant to be an full replacement of PGP
and that was stated all over the document. It was offered as alternative way 
to reduce the ugly PGP blocks cluttering the body eg when relying to 
mail. Moving the signing information to headers made the PGP "good citizen"
again in Newsgroups and mailing lists while still gaining the advantages
of PGP signing. 

For entertainment, here is quote from the now expired document, please
don't take that too seriously, since PGP/MIME is here finally.

jari


[-- Attachment #2: Type: text/plain, Size: 4448 bytes --]



17.0 E APPENDIX -- attacks against not using x-pgp at all

    17.1 We have our own personal threat models

        Before you read further, let's discuss about the threat model
        a bit. The model defines the security (or paranoid) level
        you want to take when using the pgp. Here are couple of examples
        of threat models that describe how people feel about signing.
        The level numbers are presented for clarity reasons only, and
        are not part of any universal convention.

         Mike, threat model rate 10

          He believes that his every word must be protected against forgery
          and that's why he uses pgp for everything. he uses bas64 signing
          all the time because he doesn't trust that clear signing
          would be reliable enough when he sends text documents. He doesn't
          want to know a thing about x-pgp because it brings huge cracks to
          his threat model.

         John, threat model rate 9

          He talks to several big companies everyday and has used regular pgp
          signing for years. It has been proven very usefull and reliable
          way to discuss about things. One day he heard about X-pgp and
          based on his experince that one or two internet nodes node doesn't
          follow the RFC standards (some node discarded the X-headers) he
          decided not to use it. He wants reliability before everything.


         Andy, threat model rate 5-7

          He questionables the added value of pgp signature in his messages.
          After much of hype and everyday use, he starts to think that most
          of the poeple don't even verify his messages while it may have pgp
          signature attached. "To verify the message of an unknow person, I
          would have to fetch his key first and put it into keyring. Why
          should I bother if he isn't my close friend? If I think this
          way, so does other propably too, so what does the pgp signature
          really add to my message?". He still continues to use the
          pgp signing, but he doesn't get upset if he sends mail without
          signature (maybe he was on account that didn't have pgp at hand,
          or he just didn't care to send blocky pgp signature for
          2 line message.)

          When he sees x-pgp standard he starts to think that
          it may suit to his needs. "Yeah, I get rid of the blocky pgp
          noise in the body of message and I still have signing. Great."
          He knows about the possibe X-headers loosing, and that this
          propably never happen: this threat doesn't bother him. He starts
          using x-pgp due to added message clarity.

          Important: He does think the Usenet posts are a different matter
          than his private mail exchange between the other companies.
          He still uses Regular signing for highly important messages,
          but for not so important (usenet posts) he uses X-pgp.

         Joe, threat model rate 3

          He doesn't much believe that he should sign every mail,
          especially he thinks it is snobbish to sign Usenet articles:
          "Why do people do that _there_, do they really believe that the
          their words will be twisted. I haven't seen an Usenet node
          that would have modified article contents." While he
          prefer not to see the PGP noise in the Usenet posts, (his
          phone line is slow and he pays for every character he sees there)
          he understands that sometimes it is justified to sign highly
          important messages: political, announcements.

          He doesn't bother to sign Usenet articles, but he still thinks
          that signing in general sense is a good thing for private
          mail. Depending on the current content and destination of the
          message, he uses x-pgp or regular signing. X-pgp mostly when he
          talks to his frieds and Regular signing when sending important
          mail to customers and companies (well he actually would prefer
          encryption, but many compnies don't have PGP, so he just signs
          the messages.)

        Define your own threat model and examine X-pgp in that light. The
        X-Pgp is only an alternative way to *represent* the signature.
        Depending on your threat model, the possible side effects
        of utilizing x-pgp format may or may not bother you.

Re: Once again: PGnus & PGP

[Stainless Steel Rat]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* jari.aalto@poboxes.com (Jari Aalto+list.ding)  on Wed, 21 Apr 1999
| We talk about different X-pgp's. The X-pgp I'm referring to is
| the formalised description that addressed the problem you described
| (spaces). It is not the same X-pgp that you learnt to know at the start of
| X-pgp era.

That fact is largely irrelevant.  X-pgp's singular failure is that it makes
assumptions about a message that it should not make.  What happens if a
particular mail or news system strips X headers?  This is acceptable
behaviour, annoying though it might be.  And it renders "your" X-pgp
useless.

I could go on, but I have had enough.  X-pgp in any of its incarnations is
Stupidly Evil, and that is the last I will say on it, at least this time
around.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3HhGGgl+vIlSVSNkRAmdOAJwP6X7QknCMDBX0mlSjHuHGswFD+wCdHGuH
B1oKOAjuMWZCrrtKDNkPRy8=
=ojpz
-----END PGP SIGNATURE-----

-- 
Rat <ratinox@peorth.gweep.net>    \ Warning: pregnant women, the elderly, and
Minion of Nathan - Nathan says Hi! \ children under 10 should avoid prolonged
PGP Key: at a key server near you!  \ exposure to Happy Fun Ball.

Re: Once again: PGnus & PGP

[Samuel Tardieu]

On 21/04, Stainless Steel Rat wrote:

| That fact is largely irrelevant.  X-pgp's singular failure is that it makes
| assumptions about a message that it should not make.  What happens if a
| particular mail or news system strips X headers?  This is acceptable
| behaviour, annoying though it might be.  And it renders "your" X-pgp
| useless.

One trivial example is the anonymous remailers case: they strip almost
any headers, and PGP is often used with anonymous remailers to "identify"
the original sender (even anonymous posters like to identify themselves in
the sense where an anonymous ID may become as famous as a real one).

  Sam
-- 
  Samuel Tardieu -- sam@inf.enst.fr

Re: Once again: PGnus & PGP

[Russ Allbery]

Stainless Steel Rat <ratinox@peorth.gweep.net> writes:

> And my own personal experience with X-Pgp is that it is trivial for a
> message to be modified such that it cannot be automatically validated.
> Specifically, while I was running a news server at the Dana-Farber
> Cancer Institute, I could not automatically check newgroup and rmgroup
> controls because the news to mail gating added whitespace to those
> articles.  At the time, X-Pgp signatures were used with all official
> 'big 6' controls.  I had to manually edit each control message several
> times in an attempt to get the correct trailing whitespace, each time
> rebuilding the signature block delimiters, in order to validate the
> signatures.  After doing that three or four times, and being told I was
> stupid by those using X-Pgp, I stopped bothering.

PGP signatures in the headers are still used on nearly all control
messages, not only Big Eight but pretty much every language, regional, and
topic hierarchy with active newsgroup creation.  And yes, trailing
blank lines is the single most common reason why verification sometimes
fails.

-- 
Russ Allbery (rra@stanford.edu)         <URL:http://www.eyrie.org/~eagle/>