RE: False Decrypt Error...

2006-06-13 Thread Eric Robinson
Hello David, Thanks so much for responding... We have switched from PGP to GPG and we have some of our customers are still using PGP, ¨PGPÁÀNŠˆæ ° is the first part of the message. What you said below is suspicous, I did notice a null value 00, hex 20 20, at the end of the file, I strippe

Re: Corrupting files

2006-06-13 Thread Johan Wevers
Atom Smasher wrote: >btw, what's the threat model where this is advantageous? I can imagine it might be used for plausible deniability: if some law enforcement agency would force you to decrypt the messsage, you could claim you can't and you didn't read it anyway because it's corrupted. Of cours

RE: False Decrypt Error...

2006-06-13 Thread Eric Robinson
Ok, will do, in this case they send 10 files each day and maybe 1 a week errors out like this... Thanks again, Eric - Eric Robinson Business Application Advisor FedEx Corporate Services Internet Engineering & EC Integration 901.263.5749 ---

Re: OpenPGP smartcard restore

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 09:17:39PM +0100, Tristan Williams wrote: > It works as you suggested. > > gpg is now happy with smartB (and longer asks for smartA). The file > I encrypted with the public key is decrypted correctly. > gpg now references smartB not smartA when listing keys. > > So wha

Re: OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams
On 13 Jun 2006, at 20:37, David Shaw wrote: On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart cards (smartA and smartB) and I want to verify that I can restore my on-card generated private key should I lo

Re: OpenPGP smartcard restore

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: > I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart > cards (smartA and smartB) and I want to verify that I can restore my > on-card generated private key should I loose the master card > (smartA). I only want t

Re: OpenPGP smartcard restore

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 06:46:48PM +0100, Tristan Williams wrote: > On 13Jun06 18:07, [EMAIL PROTECTED] wrote: > > On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: > > > I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart > > > cards (smartA and smartB) and I wa

Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On Tue, Jun 13, 2006 at 06:46:48PM +0100, Tristan Williams wrote: > > Then it makes me wonder what is the purpose of the off card backup > file sk_X.gpg created when the original private key was created via > the on-card method? > Huh, according

Re: OpenPGP smartcard restore

2006-06-13 Thread Ingo Klöcker
On Tuesday 13 June 2006 19:03, markus reichelt wrote: > * markus reichelt <[EMAIL PROTECTED]> wrote: > > Essentially you're saying: no backup of a private key generated > > on/via a smartcard cannot be exported. Because if it could be > > exported, importing the key(s) in question just works. > > S

Re: False Decrypt Error...

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 01:40:51PM -0500, Eric Robinson wrote: > Hello David, > Thanks so much for responding... > > We have switched from PGP to GPG and we have some of our customers are still > using PGP, > > ¨PGPÁÀNŠˆæ ° is the first part of the message. > > What you said below is suspi

Re: mime and pgp.asc

2006-06-13 Thread Todd Zullinger
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 alifbaa wrote: > I am currently using GPG 1.4.3 on my mac powerbook G4 OSX 10.4.6 I hope that > this is the right forum to post this question, but when i send an email with > attachment and encrypt and sign it, it converts the message into two > attac

Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On Tue, Jun 13, 2006 at 06:55:17PM +0200, markus reichelt wrote: > > I'm not a smartcard user (somehow the concept hasn't been able to > convince me ... yet), but what you write really sounds rather > strange. Essentially you're saying: no backup

Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On Tue, Jun 13, 2006 at 07:03:42PM +0200, markus reichelt wrote: > > Sorry, that was heat-induced and shall read of course as follows: > No need to apologize :) > > Essentially you're saying: a private key generated on/via a smartcard > cannot

mime and pgp.asc

2006-06-13 Thread alifbaa
I am currently using GPG 1.4.3 on my mac powerbook G4 OSX 10.4.6 I hope that this is the right forum to post this question, but when i send an email with attachment and encrypt and sign it, it converts the message into two attachments, one that says "mime-attachment" and one that says "pgp.asc".

Re: False Decrypt Error...

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 10:37:07AM -0500, Eric Robinson wrote: > Is anyone familiar with the following error? > > Standard Error: gpg: WARNING: unsafe permissions on homedir > "/opt/fxnet/gpg"gpg: WARNING: using insecure memory!gpg: please see > http://www.gnupg.org/faq.html for more informationgp

Re: OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams
On 13Jun06 18:07, [EMAIL PROTECTED] wrote: > On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: > > I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart > > cards (smartA and smartB) and I want to verify that I can restore my > > on-card generated private key shoul

False Decrypt Error...

2006-06-13 Thread Eric Robinson
Is anyone familiar with the following error? Standard Error: gpg: WARNING: unsafe permissions on homedir "/opt/fxnet/gpg"gpg: WARNING: using insecure memory!gpg: please see http://www.gnupg.org/faq.html for more informationgpg: encrypted with 1024-bit ELG-E key, ID 07B01208, created 2004-07-14 "en

Re: OpenPGP smartcard restore

2006-06-13 Thread markus reichelt
* markus reichelt <[EMAIL PROTECTED]> wrote: > Essentially you're saying: no backup of a private key generated > on/via a smartcard cannot be exported. Because if it could be > exported, importing the key(s) in question just works. Sorry, that was heat-induced and shall read of course as follows:

Re: OpenPGP smartcard restore

2006-06-13 Thread markus reichelt
* [EMAIL PROTECTED] wrote: > If you want to have the same private key on several physical cards, > your only option is off-card generation, with import of the key > afterwards. I'm not a smartcard user (somehow the concept hasn't been able to convince me ... yet), but what you write really sounds

Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: > I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart > cards (smartA and smartB) and I want to verify that I can restore my > on-card generated private key shou

OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams
I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart cards (smartA and smartB) and I want to verify that I can restore my on-card generated private key should I loose the master card (smartA). I only want to verify that I can do it - not discuss the merits of on-card vs. off-card

Re: Corrupting files

2006-06-13 Thread Ingo Klöcker
Am Dienstag, 13. Juni 2006 09:02 schrieb Samuel ]slund: > On Mon, Jun 12, 2006 at 11:55:54PM +0200, Ingo Klöcker wrote: > > No, it doesn't. You are still believing in security-by-obscurity > > meaning that your additional "encryption" only works as long as you > > and the recipient are the only one

Re: Corrupting files

2006-06-13 Thread Samuel ]slund
On Mon, Jun 12, 2006 at 11:55:54PM +0200, Ingo Klöcker wrote: > No, it doesn't. You are still believing in security-by-obscurity meaning > that your additional "encryption" only works as long as you and the > recipient are the only ones who know the secret rule. Please Ingo, _all_ encryption is