Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: Which one for gabrix nym server?

1 view
Skip to first unread message
Message has been deleted

Kulin Remailer

unread,
Nov 18, 2009, 2:51:39 PM11/18/09
to
Anonymous wrote:
>I've got 2 keys for gabrix nym. Which one is it? Thanks.
>1000A4BD2EFCD5ED
>8F4B507A418BE714

Using the last 8 hex digits to check for these keys on my keychain:

>gpg -kv 2EFCD5ED
pub 1024D/2EFCD5ED 2009-07-23
uid Noauth Nymserver (Send Address) <se...@nym.gabrix.ath.cx>
uid Noauth Nymserver (Pseudonym Server) <con...@nym.gabrix.ath.cx>
sub 2048g/31F33994 2009-07-23

So the first one is that one that I have been using successfully.
The second one:

> gpg -kv 418BE714
gpg: error reading key: public key not found

is not found. To find out more about that key, you can issue:

> gpg -kv 418BE714

and peruse the output. It might be of value to future users for you
to post that output, to help others to avoid the error that caught you.

nymtst


Kulin Remailer

unread,
Nov 18, 2009, 3:08:32 PM11/18/09
to

Following up on my own post ...

I checked for 0x418BE714 on the MIT keyserver:

http://cryptonomicon.mit.edu/

which returned the result:

***********************
Search
results for '0x418be714'


Type bits/keyID Date User ID
_____________________________________________________________________________________________________________________________________

pub 1024D/418BE714 2009-06-13 nym.gabrix.ath.cx (Noauth Nym Key 1) <con...@nym.gabrix.ath.cx>
se...@nym.gabrix.ath.cx (Noauth Nym Key2) <se...@nym.gabrix.ath.cx>

***********************

So Gab generated a set of keys in June 13 2009 when first attempting to
get the nymserver up, and then later generated the second set of keys
on July 23 2009. The latter (and later) keys appear to be operational.

Searching on the MIT keyserver for gabrix, one gets a host of hits,
among them:

**********************


pub 1024D/2EFCD5ED 2009-07-23 Noauth Nymserver (Send Address) <se...@nym.gabrix.ath.cx>


Noauth Nymserver (Pseudonym Server) <con...@nym.gabrix.ath.cx>

_____________________________________________________________________________________________________________________________________

pub 1024D/5A628AC1 2009-07-14 Noauth Nymserver (Send Key) <se...@nym.gabrix.ath.cx>
Noauth Nymserver (Config Key) <con...@nym.gabrix.ath.cx>
_____________________________________________________________________________________________________________________________________

pub 1024D/418BE714 2009-06-13 nym.gabrix.ath.cx (Noauth Nym Key 1) <con...@nym.gabrix.ath.cx>
se...@nym.gabrix.ath.cx (Noauth Nym Key2) <se...@nym.gabrix.ath.cx>

**********************

There are 3 keys - Ouch! No wonder confusion is possible.

Gab's website:

http://pgp.gabrix.ath.cx/

advertises that 0x2EFCD5ED is the correct key.

So the short term solution is to get the key from Gab's website.

Perhaps Gab should revoke the other keys? Or am I missing something?

nymtst


Stray Cat

unread,
Nov 18, 2009, 4:23:57 PM11/18/09
to
On 18 Nov 2009 20:08:32 -0000, Kulin Remailer <rema...@reece.net.au>
wrote:

Snip......

>Perhaps Gab should revoke the other keys? Or am I missing something?

The other keys should be revoked unless the server can and will work
with them concurrently with the most recent key.

Perhaps a better solution would be to set an expiration date when
creating keys, but this wouldn't help the situation when you have keys
being created in such rapid succession.

It becomes workable when the server is going to be around for years
and years, is stable enough to run more or less continuously, and
circumstances don't arise that require the sudden unplanned need for
new keys. But of late, this seems to be not likely.

With the demise of LCS, perhaps one of those who have been around and
providing other services for a decade or more might consider putting
up a nymserver. Alex, this means you :-)

Message has been deleted
0 new messages