How to tell the authentic from the forgeries
Thomas Stevens
Hash: SHA1
It is simple to tell the real from the fake.
All posts from me will be digitally signed using my GPG key.
All other posts, with my name on them, will be from either Frank J.
Camper, or one of his minions.
My GPG Public Key is here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
The fingerprint for that public key is:
19DF 4980 34FA 765B 6AFD F3FE 7A4D 895B 3207 DE33
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklmOksACgkQek2JWzIH3jOajgCgy+Gf1RDqpBkyXPR89XUrp0N4
LWkAoMj3th5hi7Qnivds7KMyXmwyS9Co
=ByBQ
-----END PGP SIGNATURE-----
VanguardLH
> It is simple to tell the real from the fake.
>
> All posts from me will be digitally signed using my GPG key.
>
> All other posts, with my name on them, will be from either Frank J.
> Camper, or one of his minions.
>
> My GPG Public Key is here:
> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>
> The fingerprint for that public key is:
> 19DF 4980 34FA 765B 6AFD F3FE 7A4D 895B 3207 DE33
>
> - --
> My GPG Public Key can be found here:
> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>
> Using enigmail with Thunderbird, my posts can be verified as authentic.
> Download enigmail here: http://enigmail.mozdev.org
>
> Read the ACF FAQ here:
> http://mehere.fileave.com/
>
> Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
> http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
Uh huh. As if anyone is going to bother to check who owns it. As if
anyone can ensure that someone didn't just slap a pseudo-PGP sig block
in their post. And you didn't even bother to sign this post (apparently
your post here doesn't count as "all posts from me").
http://www.gnupg.org/gph/en/manual.html
"GnuPG is a tool for secure communication."
It is NOT to identify you. You thought Usenet was for encrypted chats?
"A digital signature certifies and timestamps a document."
It is NOT to identify you. You think we care about "secure" posts here?
You can't even be bothered to use a proper sigdash line to delineate
your signature (which means you don't have one). And what you pretend
is your signature violates netiquette by being longer than 4 lines.
s|b
> All posts from me will be digitally signed using my GPG key.
I think this is about the third time I've seen this useless posting.
Unless you change you're From-header I'm pretty sure I won't see it a
fourth time...
--
s|b
VanguardLH
Mike Easter has made some more informed points about why PGP in Usenet
posts is worthless:
http://groups.google.com/group/24hoursupport.helpdesk/msg/910bbd2b3b0fb81c?dmode=source
Ari®
> My GPG Public Key
BWAHAAAAAAAAAHHHHHHHHHHHHAAAAAAAAAAAA
--
Meet Ari! http://tr.im/1fa3
"To get concrete results, you have to be confrontational".
No One
Hash: SHA1
VanguardLH wrote:
> Thomas Stevens (or anyone using that nym) wrote:
>
>> It is simple to tell the real from the fake.
>>
>> All posts from me will be digitally signed using my GPG key.
>>
>> All other posts, with my name on them, will be from either Frank J.
>> Camper, or one of his minions.
>>
>> My GPG Public Key is here:
>> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>>
>> The fingerprint for that public key is:
>> 19DF 4980 34FA 765B 6AFD F3FE 7A4D 895B 3207 DE33
>>
>> - --
>> My GPG Public Key can be found here:
>> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>>
>> Using enigmail with Thunderbird, my posts can be verified as authentic.
>> Download enigmail here: http://enigmail.mozdev.org
>>
>> Read the ACF FAQ here:
>> http://mehere.fileave.com/
>>
>> Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
>> http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
>
> Uh huh. As if anyone is going to bother to check who owns it.
You're wasting your time.
It doesn't really matter to me if you do, or you don't.
No one *has* to check the validity of the signature.
But, if there's a doubt, they can verify the signature, and they can
*know* that it came from me.
They'll know that *I* signed the message.
That's not really a very difficult concept, even for you.
Take your time. Eventually, you'll get it.
> As if
> anyone can ensure that someone didn't just slap a pseudo-PGP sig block
> in their post.
See, now you're speaking purely from ignorance.
It's obvious to me that you don't know what you're talking about.
But, keep reading.
> And you didn't even bother to sign this post (apparently
> your post here doesn't count as "all posts from me").
You're not only an idiot. You're a blind idiot, too.
Go back and check. I *did* sign it.
> http://www.gnupg.org/gph/en/manual.html
> "GnuPG is a tool for secure communication."
You like quotes? Well, here. I got one for you.
"For messages sent through an insecure channel, a properly implemented
digital signature gives the receiver reason to believe the message was
sent by the claimed sender. Digital signatures are equivalent to
traditional handwritten signatures in many respects; properly
implemented digital signatures are more difficult to forge than the
handwritten type. Digital signature schemes in the sense used here are
cryptographically based, and must be implemented properly to be
effective."
"Digital signatures can be used to authenticate the source of messages.
When ownership of a digital signature secret key is bound to a specific
user, a valid signature shows that the message was sent by that user."
Source: http://en.wikipedia.org/wiki/Digital_signature
> It is NOT to identify you.
And where did I say it was?
> You thought Usenet was for encrypted chats?
Where did I say I did?
When you have nothing with any substance to accuse me of, you think it's
alright to start making stuff up? That's a sure sign of someone with a
low-class mentality.
> "A digital signature certifies and timestamps a document."
> It is NOT to identify you.
What do think the word "certifies" connotes?
> You think we care about "secure" posts here?
I don't really care what *you* care about.
> You can't even be bothered to use a proper sigdash line to delineate
> your signature (which means you don't have one).
To you, maybe. But that's just your opinion. And, you already know I
don't care what you think, or feel, or do, or say.
> And what you pretend
> is your signature violates netiquette by being longer than 4 lines.
Oh, I see. You're an anal neat-freak.
Do you keep your socks neatly folded in your dresser drawer, too?
See, didn't I tell you you were wasting your time?
Now, since you enjoy wasting your time so much, you can go fuck yourself.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklm4tgACgkQek2JWzIH3jPoYgCeO+xgnxwmGgTD93H9SI9x12eJ
5kwAn01J+eyKXZXwtyzj39ZGtAN/hZ/M
=r0Tt
-----END PGP SIGNATURE-----
No One
Hash: SHA1
VanguardLH wrote:
> Mike Easter has made some more informed points about why PGP in Usenet
> posts is worthless:
All Mike Easter has is a misinformed opinion.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklm43oACgkQek2JWzIH3jOz+QCfbsArq/bQOHdwq/tm8Y8KxyPU
2JcAnAoshU1+wCIYMfdo3+VYTIEDy/4T
=snZI
-----END PGP SIGNATURE-----
Thomas Stevens
Hash: SHA1
AriŽ wrote:
> On Thu, 08 Jan 2009 12:39:24 -0500, Thomas Stevens wrote:
>
>> My GPG Public Key
>
> BWAHAAAAAAAAAHHHHHHHHHHHHAAAAAAAAAAAA
I'm serious.
Sometimes I feel like I should charge you for the air you're breathing.
You are such a waste of space.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklm5YwACgkQek2JWzIH3jNO+gCeLNPciILIXsBKdm3DPguYf8sy
hiMAoKJzwomTCdCJttL6koyu8Jc+e5dN
=Wxkt
-----END PGP SIGNATURE-----
Thomas Stevens
Hash: SHA1
Useless to you maybe. Not to me.
I'm not changing anything.
Now get the fuck out of here.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkln49UACgkQek2JWzIH3jNSagCeNC1CLeJyE3y4V4H1Dvm6XFiY
ZeMAn0umLOFgJhPZ7QQcQrYvUtDC0Obi
=AM9X
-----END PGP SIGNATURE-----
Thomas Stevens
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> s|b wrote:
>> On Thu, 08 Jan 2009 12:39:24 -0500, Thomas Stevens wrote:
>>
>>> All posts from me will be digitally signed using my GPG key.
>>
>> I think this is about the third time I've seen this useless posting.
>> Unless you change you're From-header I'm pretty sure I won't see it
>> a fourth time...
>>
>
> Useless to you maybe. Not to me.
> I'm not changing anything.
> Now get the fuck out of here.
>
Hey Thomas Stevens fake,
Let me assure you as clearly, and as succinctly as I can:
You couldn't be further from the truth.
You must be having another one of your "wet" dreams.
But, this almost begs the question, *why* would you "hope" for something
like that, in the first place. That sure seems like a rather strange way
to start your post. Do you have anything you'd like to share with us?
Buddhism is my path.
---
Meet "Kinky" Friedman, not "Aracari Silverstein" (Frank J. Camper):
http://www.buddhism.net/uploads/1156281126/gallery_414_82_115589.jpg
Ya haa
> But, if there's a doubt, they can verify the signature, and they can
> *know* that it came from me.
Verify, yes. Know it's from you, no.
> They'll know that *I* signed the message.
No.
No One
Hash: SHA1
Ya haa wrote:
> No One said the following on 2009-01-09 06:38:
>
>> But, if there's a doubt, they can verify the signature, and they can
>> *know* that it came from me.
>
> Verify, yes. Know it's from you, no.
You have absolutely no idea what you're talking about.
>> They'll know that *I* signed the message.
>
> No.
Yes.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklr71cACgkQek2JWzIH3jMZIwCeOA0TfTKDDdbOhQFdtzVCQqdW
O5MAoKpC3JfQ8PknG6VGwXuCYhmUT0Er
=b3RC
-----END PGP SIGNATURE-----
Ragnar
> Ya haa wrote:
>> No One said the following on 2009-01-09 06:38:
>>
>>> But, if there's a doubt, they can verify the signature, and they can
>>> *know* that it came from me.
>> Verify, yes. Know it's from you, no.
>
> You have absolutely no idea what you're talking about.
I'm not talking i'm vriting.
>>> They'll know that *I* signed the message.
>> No.
>
> Yes.
Can you explain how?
Thomas Stevens
Hash: SHA1
Ragnar wrote:
> No One skrevade:
>> Ya haa wrote:
>>> No One said the following on 2009-01-09 06:38:
>>>
>>>> But, if there's a doubt, they can verify the signature, and they can
>>>> *know* that it came from me.
>>> Verify, yes. Know it's from you, no.
>> You have absolutely no idea what you're talking about.
>
> I'm not talking i'm vriting.
Yes, I see you are vriting?
>
>>>> They'll know that *I* signed the message.
>>> No.
>> Yes.
>
> Can you explain how?
Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklsn58ACgkQek2JWzIH3jOEpwCfXalTFCbX4Uq1nr2tviii13jV
UXsAoLQR4d5aNsZo+uDKokog14dvXL9w
=QdCf
-----END PGP SIGNATURE-----
Ragnar
> Ragnar wrote:
>> No One skrevade:
>>> Ya haa wrote:
>>>> No One said the following on 2009-01-09 06:38:
>>>>
>>>>> But, if there's a doubt, they can verify the signature, and they can
>>>>> *know* that it came from me.
>>>> Verify, yes. Know it's from you, no.
>>> You have absolutely no idea what you're talking about.
>> I'm not talking i'm vriting.
>
> Yes, I see you are vriting?
>
>>>>> They'll know that *I* signed the message.
>>>> No.
>>> Yes.
>> Can you explain how?
>
> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
Yes...and?
Is, explain how I can KNOW that YOU signed the message, to hard?
An explanation of the algorithm won't help you.
Thomas Stevens
Hash: SHA1
Ragnar wrote:
> Thomas Stevens:
>>> Can you explain how?
>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>
> Yes...and?
>
> Is, explain how I can KNOW that YOU signed the message, to hard?
>
> An explanation of the algorithm won't help you.
I'm not the one who needs any help.
If you're not able to discover how, through examining the algorithm,
then nothing I say will convince you.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklsxYQACgkQek2JWzIH3jM/gwCeLurmVagCyWKpFhyEQ68trrrz
R1UAoMiqlaHdiHx8WKJz9DC8UP+Q9ltj
=jKJy
-----END PGP SIGNATURE-----
Thomas Stevens
Hey Thomas Stevens fake,
Thomas Stevens
Hash: SHA1
Thomas Stevens wrote:
> On Tue, 13 Jan 2009 11:47:00 -0500, Thomas Stevens wrote:
>
> Ragnar wrote:
>>>> Thomas Stevens:
>>>>>> Can you explain how?
>>>>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>>>> Yes...and?
>>>>
>>>> Is, explain how I can KNOW that YOU signed the message, to hard?
>>>>
>>>> An explanation of the algorithm won't help you.
> I'm not the one who needs any help.
>
> If you're not able to discover how, through examining the algorithm,
> then nothing I say will convince you.
>
> --
> My GPG Public Key can be found here:
> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>
> Using enigmail with Thunderbird, my posts can be verified as authentic.
> Download enigmail here: http://enigmail.mozdev.org
>
> Read the ACF FAQ here:
> http://mehere.fileave.com/
>
> Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
> http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
>
> Hey Thomas Stevens fake,
[...]
I digitally sign my posts, so that anyone with my public key on their
keyring can verify that I am the author of the post. They would also
be able to determine if it is a forgery, even if someone else used a
GPG key to digitally sign their post, using my name.
Therefore, anyone can very easily see that *your* post is a forgery.
Thank-you for giving me the opportunity of making that very important
distinction.
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
Read the ACF FAQ here:
http://mehere.fileave.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkls1/UACgkQek2JWzIH3jNLRACgiJjSk1hGVnQ7R1dZS3hqT0zv
VEEAoKZNb+rQxMemhdb3wj0i23VC1WFE
=spPs
-----END PGP SIGNATURE-----
Ragnar
> Ragnar wrote:
>> Thomas Stevens:
>
>>>> Can you explain how?
>>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>> Yes...and?
>>
>> Is, explain how I can KNOW that YOU signed the message, to hard?
>>
>> An explanation of the algorithm won't help you.
>
> I'm not the one who needs any help.
Ok. Go on and show your ignorance then.
Ragnar
> Thomas Stevens wrote:
>> On Tue, 13 Jan 2009 11:47:00 -0500, Thomas Stevens wrote:
>>
>> Ragnar wrote:
>>>>> Thomas Stevens:
>>>>>>> Can you explain how?
>>>>>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>>>>> Yes...and?
>>>>>
>>>>> Is, explain how I can KNOW that YOU signed the message, to hard?
>>>>>
> I digitally sign my posts, so that anyone with my public key on their
> keyring can verify that I am the author of the post.
No.
Thomas Stevens
Hash: SHA1
You're wasting your time.
I understand DSA.
You don't.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltAHoACgkQek2JWzIH3jMlbwCfZpqaXWGLoZa8PAORyM07do0y
95MAnRbGkOjQi7+Yi8FcgHcy+Y0lX5f2
=L0RU
-----END PGP SIGNATURE-----
Thomas Stevens
Hash: SHA1
Yes.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltAJEACgkQek2JWzIH3jM+0gCfU7r/3PDk9nEg5Rey++KILfiP
0SsAoMlHQhw7F9W/dWTclda4PNQecM4k
=XEEF
-----END PGP SIGNATURE-----
Franklin
Thomas Stevens is totally clueless as usual.
John Stubbings
> I understand DSA.
dim student allowance?
--
You gotta fight, for your right, to party...
The best of the best in Freeware
http://www.pricelesswarehome.org/
There is no ACF FAQ...
Thomas Stevens
Hash: SHA1
The peon minion wrote:
> Thomas Stevens....
You're free to think whatever you want.
As long as I know you're wrong, that's all that matters to me.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltDyEACgkQek2JWzIH3jPCYgCfbZ9jag1J7GLRCsVdhx7r6jiQ
800AoKldtHccvdyhswpflhZ8XBL1KjRa
=GIn3
-----END PGP SIGNATURE-----
Thomas Stevens
Hash: SHA1
The parasitic forger scrawled:
> dim...
Have you figured out what you meant by "wholesale slaughter" yet, chode?
It must disturb you when you're called on to explain yourself after
making another one of your empty, jejune and gratuitous claims.
You're a pathetic little parasite.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltGLQACgkQek2JWzIH3jMnuACbBJ98Db/pSq3Fh7EvUcxvn2ii
5nkAoLXj+9p9chv8K/Zg3eYNuf82xmMs
=Adyt
-----END PGP SIGNATURE-----
Thomas Stevens
> Thomas Stevens wrote:
>> On Tue, 13 Jan 2009 11:47:00 -0500, Thomas Stevens wrote:
>>
>> Ragnar wrote:
>>>>> Thomas Stevens:
>>>>>>> Can you explain how?
>>>>>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>>>>> Yes...and?
>>>>>
>>>>> Is, explain how I can KNOW that YOU signed the message, to hard?
>>>>>
>>>>> An explanation of the algorithm won't help you.
>> I'm not the one who needs any help.
>>
>> If you're not able to discover how, through examining the algorithm,
>> then nothing I say will convince you.
>>
>> Hey Thomas Stevens fake,
>
> Thank-you for giving me the opportunity of making that very important
> distinction.
>
It has no effect whatsoever, coming from someone who calls himself
Thomas Stevens, using tste...@nospam.net as an email address.
But, you're a pathological liar. You wouldn't understand that, would
you?
Besides, (and here's the real kicker) I've already admitted to not using
my real email address. But, at least I use my real name. You can't say
that.
It's hard for me to believe you're really that stupid.
-Thomas
---
My Thomas Stevens' photo #1:
http://www.lioncity.net/buddhism/uploads/1226373762/gallery_57391_545_
1231898843.jpg
Thomas Stevens
Hash: SHA1
The parasitic forger John Stubbings has scrawled another forgery.
It's nice seeing you having to stoop so low, Stubby Chode, as to
actually think someone would not be able to figure out that you
forged that post. All anyone has to do is look for 'news.x-privat.org'
in the Message-ID.
But, you're still an amateur forger, aren't you?
I digitally sign my posts, so that anyone with my public key on their
keyring can verify that I am the author of the post. They would also
be able to determine if it is a forgery, even if someone else used a
GPG key to digitally sign their post, while using my name.
Therefore, anyone can very easily see that *your* post is a forgery.
Thank-you for the opportunity of making that very important distinction,
and for the opportunity of giving you another spanking in public.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltXvoACgkQek2JWzIH3jOaCwCgoG0EmtIXB7f03e9ssectVcnY
WeUAn2SYX+FLUSI2CLuarB1IiDtAxpVz
=eabN
-----END PGP SIGNATURE-----
Ya haa
> Ragnar wrote:
>> Thomas Stevens:
>>> Ragnar wrote:
>>>> Thomas Stevens:
>>>>>> Can you explain how?
>>>>> Sure. http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
>>>> Yes...and?
>>>>
>>>> Is, explain how I can KNOW that YOU signed the message, to hard?
>>>>
>>>> An explanation of the algorithm won't help you.
>>> I'm not the one who needs any help.
>> Ok. Go on and show your ignorance then.
>
> You're wasting your time.
Well, I'll give you that.
> I understand DSA.
And?
> You don't.
So? I'll ask the unanswered question again then.
How can I KNOW that YOU signed the message?
Thomas Stevens
Hash: SHA1
You can't be that stupid.
It has been answered.
Learn the Digital Signature Algorithm.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltZkAACgkQek2JWzIH3jNjZACg0gbgz+3GtNuiVUFmdfAbvTGO
BgYAnRVh2oEktWGyNhZMYMgsZkD4Qx/N
=N8MV
-----END PGP SIGNATURE-----
Ya haa
Yes, it's sad to see. But he is not alone.
Thomas Stevens
Hash: SHA1
What is really sad, is that you refuse to study DSA.
If you do, you'll see where you're both wrong.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltaEoACgkQek2JWzIH3jNyMgCdEA0v0g/WtDj7ShHEgUCT9t0z
y7oAoKc2Tv1IfjosqZicJsZ732iZtjHG
=TCwm
-----END PGP SIGNATURE-----
Ya haa
> Ya haa wrote:
>>> You're wasting your time.
>> Well, I'll give you that.
>>
>>> I understand DSA.
>> And?
>>
>>> You don't.
>> So? I'll ask the unanswered question again then.
>>
>> How can I KNOW that YOU signed the message?
>
> It has been answered.
No.
> Learn the Digital Signature Algorithm.
Is that's the answer, you mean that learning an algorithm is going to
tell anyone you signed the message? WOW mr crypto.
How do one know you didn't sign the message.
Thomas Stevens
Hash: SHA1
Ya haa wrote:
> Thomas Stevens said the following on 2009-01-14 05:12:
>> Ya haa wrote:
>
>
>>>> You're wasting your time.
>>> Well, I'll give you that.
>>>
>>>> I understand DSA.
>>> And?
>>>
>>>> You don't.
>>> So? I'll ask the unanswered question again then.
>>>
>>> How can I KNOW that YOU signed the message?
>>
>
>> It has been answered.
>
> No.
Yes. Learn the Digital Signature Algorithm.
>
>> Learn the Digital Signature Algorithm.
>
> Is that's the answer, you mean that learning an algorithm is going to
> tell anyone you signed the message? WOW mr crypto.
>
> How do one know you didn't sign the message.
You're wasting your time. Learn the Digital Signature Algorithm.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltbO0ACgkQek2JWzIH3jNVGACfapqUVLBYk5dflyIUHceaeoud
iosAoMrBbLqjVv2T/OOANlsDwjgfVF4t
=G33u
-----END PGP SIGNATURE-----
Ari®
Save your fingers. "Thomas" hasn't a fucking clue what he is talking
about.
If you would like, this subject has been thoroughly vetted in
alt.privacy, Google and find out what a fool "Thomas" is.
--
Meet Ari! http://tr.im/1fa3
"To get concrete results, you have to be confrontational".
Thomas Stevens
Hash: SHA1
AriŽ wrote:
> On Wed, 14 Jan 2009 05:33:58 +0100, Ya haa wrote:
>
>> Thomas Stevens said the following on 2009-01-14 05:12:
>>> Ya haa wrote:
>>>>> You're wasting your time.
>>>> Well, I'll give you that.
>>>>
>>>>> I understand DSA.
>>>> And?
>>>>
>>>>> You don't.
>>>> So? I'll ask the unanswered question again then.
>>>>
>>>> How can I KNOW that YOU signed the message?
>>> It has been answered.
>> No.
>>
>>> Learn the Digital Signature Algorithm.
>> Is that's the answer, you mean that learning an algorithm is going to
>> tell anyone you signed the message? WOW mr crypto.
>>
>> How do one know you didn't sign the message.
>
> Save your fingers. "Thomas" hasn't a fucking clue what he is talking
> about.
You're a liar. You claim to be "Kinky" Friedman.
> If you would like, this subject has been thoroughly vetted in
> alt.privacy, Google and find out what a fool "Thomas" is.
You're a liar, Frank J. Camper.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltdqsACgkQek2JWzIH3jO8HACgywcfCtum7TR5ap7hmDWbmt35
o84An2nJG4LYcLbsc3wRnX8SG7oYZF6Y
=NTQh
-----END PGP SIGNATURE-----
Ya haa
>
> Save your fingers. "Thomas" hasn't a fucking clue what he is talking
> about.
That's true. So i'll leave it to his fantasy.
> If you would like, this subject has been thoroughly vetted in
> alt.privacy, Google and find out what a fool "Thomas" is.
Already done. I followed that thread for a while.
I find it quite sad that people with a "brain" does not use it.
Well well.
Thomas Stevens
Hash: SHA1
Ya haa wrote:
> AriŽ said the following on 2009-01-14 06:13:
>>
>> Save your fingers. "Thomas" hasn't a fucking clue what he is talking
>> about.
>
> That's true. So i'll leave it to his fantasy.
What purpose do you think there is for a digital signature?
>> If you would like, this subject has been thoroughly vetted in
>> alt.privacy, Google and find out what a fool "Thomas" is.
>
> Already done. I followed that thread for a while.
> I find it quite sad that people with a "brain" does not use it.
You mean like someone that will not use his brain to learn something new?
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltf3kACgkQek2JWzIH3jN0JgCgw8XtubmG4GKYSdsAzZcqvFFW
Ad8An24ORIr9F3L/ZIe/xuz+e/UiVJzo
=K2Ii
-----END PGP SIGNATURE-----
Ya haa
>> Ari® said the following on 2009-01-14 06:13:
>>> Save your fingers. "Thomas" hasn't a fucking clue what he is talking
>>> about.
>> That's true. So i'll leave it to his fantasy.
>
> What purpose do you think there is for a digital signature?
None, in this context.
>>> If you would like, this subject has been thoroughly vetted in
>>> alt.privacy, Google and find out what a fool "Thomas" is.
>> Already done. I followed that thread for a while.
>> I find it quite sad that people with a "brain" does not use it.
>
> You mean like someone that will not use his brain to learn something new?
No, I mean in general.
Thomas Stevens
Hash: SHA1
Ya haa wrote:
> Thomas Stevens said the following on 2009-01-14 07:00:
>>> Ari® said the following on 2009-01-14 06:13:
>>>> Save your fingers. "Thomas" hasn't a fucking clue what he is talking
>>>> about.
>>> That's true. So i'll leave it to his fantasy.
>>
>> What purpose do you think there is for a digital signature?
>
> None, in this context.
What other context would a digital signature have a purpose?
>>>> If you would like, this subject has been thoroughly vetted in
>>>> alt.privacy, Google and find out what a fool "Thomas" is.
>>> Already done. I followed that thread for a while.
>>> I find it quite sad that people with a "brain" does not use it.
>>
>> You mean like someone that will not use his brain to learn something new?
>
> No, I mean in general.
Right. Like, among other things, not using your brain to learn something
new.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkltgNYACgkQek2JWzIH3jOO5wCg3N0+/unG5imVWYgHSwSqN9ol
gnMAoNknPxGFwkSHofM1EiFwXnEtRLbY
=3Q2w
-----END PGP SIGNATURE-----
Ya haa
>>> What purpose do you think there is for a digital signature?
>> None, in this context.
> What other context would a digital signature have a purpose?
Backup, IF your the one tapeing the backup.
>>>>> If you would like, this subject has been thoroughly vetted in
>>>>> alt.privacy, Google and find out what a fool "Thomas" is.
>>>> Already done. I followed that thread for a while.
>>>> I find it quite sad that people with a "brain" does not use it.
>>> You mean like someone that will not use his brain to learn something new?
>> No, I mean in general.
>
> Right. Like, among other things, not using your brain to learn something
> new.
PGP isn't new in any meaning of the word. It's been around for 10-15
years. And NO you can not tell who sent a specific message, only it's
signed with a key.
I'll recommend you to read about crypto and specifically about PGP.
elaich
news:hIOdnaAflf3Vp_vU...@giganews.com:
> It is simple to tell the real from the fake.
And since you are a troll to begin with, your PGP signature verifies that.
Thomas Stevens
Hash: SHA1
Ya haa wrote:
> Thomas Stevens said the following on 2009-01-14 07:06:
>
>>>> What purpose do you think there is for a digital signature?
>
>>> None, in this context.
>
>> What other context would a digital signature have a purpose?
>
> Backup, IF your the one tapeing the backup.
Why do you not see that the same principle applies to text messages?
>>>>>> If you would like, this subject has been thoroughly vetted in
>>>>>> alt.privacy, Google and find out what a fool "Thomas" is.
>>>>> Already done. I followed that thread for a while.
>>>>> I find it quite sad that people with a "brain" does not use it.
>>>> You mean like someone that will not use his brain to learn something
>>>> new?
>>> No, I mean in general.
>>
>> Right. Like, among other things, not using your brain to learn something
>> new.
>
> PGP isn't new in any meaning of the word. It's been around for 10-15
> years. And NO you can not tell who sent a specific message, only it's
> signed with a key.
>
> I'll recommend you to read about crypto and specifically about PGP.
What would you suggest that I read? Do you have anything in mind?
While you're thinking about that, have you read this:
"Digital signature verification is the process of checking the digital
signature by reference to the original message and a given public key,
thereby determining whether the digital signature was created for that
same message using the private key that corresponds to the referenced
public key."
Source: http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html
or this:
"PGP supports message authentication and integrity checking. The latter
is used to detect whether a message has been altered since it was
completed (the message integrity property), and the former to determine
whether it was actually sent by the person/entity claimed to be the
sender (a digital signature). In PGP, these are used by default in
conjunction with encryption, but can be applied to plaintext as well.
The sender uses PGP to create a digital signature for the message with
either the RSA or DSA signature algorithms. To do so, PGP computes a
hash (also called a message digest) from the plaintext, and then
creates the digital signature from that hash using the sender's private
keys."
Source: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
or this:
"A digital signature certifies and timestamps a document. If the
document is subsequently modified in any way, a verification of the
signature will fail. A digital signature can serve the same purpose as a
hand-written signature with the additional benefit of being
tamper-resistant. The GnuPG source distribution, for example, is signed
so that users can verify that the source code has not been modified
since it was packaged."
"Creating and verifying signatures uses the public/private keypair in an
operation different from encryption and decryption. A signature is
created using the private key of the signer. The signature is verified
using the corresponding public key. For example, Alice would use her own
private key to digitally sign her latest submission to the Journal of
Inorganic Chemistry. The associate editor handling her submission would
use Alice's public key to check the signature to verify that the
submission indeed came from Alice and that it had not been modified
since Alice sent it. A consequence of using digital signatures is that
it is difficult to deny that you made a digital signature since that
would imply your private key had been compromised."
Source: http://www.gnupg.org/gph/en/manual/x135.html
It would do you a lot of good to do some reading on the subject,
unless you enjoy looking like an idiot.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklth3IACgkQek2JWzIH3jP6sQCgkhsx42KVv04DBHnbROe3e+a7
+KQAnAodiw138l0ZgmLovnvE8hf3N9fj
=z+EE
-----END PGP SIGNATURE-----
Thomas Stevens
> Mike Easter has made some more informed points about why PGP in Usenet
> posts is worthless:
>
> http://groups.google.com/group/24hoursupport.helpdesk/msg/910bbd2b3b0fb81c?dmode=source
Read this then blow me. You know nothing.
http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J.
Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklsn58ACgkQek2JWzIH3jOEpwCfXalTFCbX4Uq1nr2tviii13jV
UXsAoLQR4d5aNsZo+uDKokog14dvXL9w
=QdCf
-----END PGP SIGNATURE-----
Thomas Stevens
Read and weep, asshole.
http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
- --
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J.
Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklsn58ACgkQek2JWzIH3jOEpwCfXalTFCbX4Uq1nr2tviii13jV
Thomas Stevens
Read and weep asswiper.
Mike Easter
> VanguardLH wrote:
>
>> Mike Easter has made some more informed points about why PGP in Usenet
>> posts is worthless:
>
There is nothing misinformed in the opinion I expressed in the context I
expressed it here
<snippings from link>
From: "Mike Easter"
Newsgroups: 24hoursupport.helpdesk
Subject: Re: open pgp
Date: Wed, 28 Feb 2007 21:43:42 -0800
Message-ID: <45e66809$0$97260$892e...@authen.yellow.readfreenews.net>
Frosty wrote:
> Pennywise
>> One use I used for quite a while was to sign all of my intrenet
>> messages, so if there was ever a question if I sent it or not, I
>> could prove if I did or didn't. ahh girlfriends...
>
> I've seen people do that but I've always wondered if any old person
> couldn't just ^C^V that into any old message and claim to be you.
Almost 100% of the pgp/gpg signed usenet messages you see outside of the
pgp security group and such are totally useless baggage and don't help
prove anything one way or the other.
In the first place, almost all of those messages with pgp baggage are
being read by people who aren't currently holding the public key of the
individual posting them.
In the second place, the process of public key sharing in almost all of
those circumstances is not being 'properly' performed with a 'legitimate'
web of trust, but instead there is simply an untrusted bank of public key
servers where anyone can say they are anyone else and post a public key.
In the third place and regarding ^C^V to a 'wrong' message, that wouldn't
work if the first and second places were actually in place, which they
usually aren't -- because the signature is based on the message digest,
and so pasting the wrong pgp signature on the wrong message digest
wouldn't match.
But, in the third ^C^V place in which there is no 'meaning' to the
signature and no meaning to a public/private key system of clear signing
and no meaning to a web of trust, then a pgp signature is no more
significant than any other non-pgp signature, such as a normal newsmessage
sig.
</snippings>
--
Mike Easter
Thomas Stevens
Hash: SHA1
Is that it?
Is that all you've got?
You can't do any better than that?
You're an amateur troll.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklueo4ACgkQek2JWzIH3jNKGQCeLVgRKJbUzkQwcaLm+DpJsALC
xzUAnRtmN/y7xuJC0RgFdis2QHVhT+8O
=f4l7
-----END PGP SIGNATURE-----
Mike Easter
> Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J.
> Camper):
>
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190
589.jpg
See
http://pgp.mit.edu:11371/pks/lookup?search=0x7A4D895B3207DE33&op=vindex
That shows the MIT keyserver with a 'mixture'/combination of data for
Thomas Stevens & Frank J. Camper in the verbose for key id
0x7A4D895B3207DE33
> My GPG Public Key can be found here:
> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
That public key as posted is not 'good' in terms of pgp dump:
<snip>
PGPdump Results
Old: Public Key Packet(tag 6)(418 bytes)
Ver 4 - new
Public key creation time - Tue Jan 6 18:15:18 UTC 2009
Pub alg - DSA Digital Signature Algorithm(pub 17)
DSA p(1024 bits) - ...
ERROR: ILLEGAL RADIX64 CHARACTER
The data you provided contains invalid characters. Please make sure the
ASCII armor is present and well-formed. PGPdump supports OpenPGP (RFC 2440
+ bis) and PGP v2 (RFC 1991) packet formats.
</snip> http://www.pgpdump.net/
The pgp dump on the format of the key held (for your keyid) at MIT
keyserver gives the proper result
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3207DE33
(And/But) The (same) MIT keyserver also contains the hummingbird/ Frank J.
Camper data as mentioned above.
--
Mike Easter
Mike Easter
> Mike Easter
>> Thomas Stevens wrote:
>>
>>
>> (And/But) The (same) MIT keyserver also contains the hummingbird/
>> Frank J. Camper data as mentioned above.
>
> Perhaps some absolut.
It gets even more complicated. I have checked 2 different newsservers
(giganews & motzarella) with two different operating systems and 2
different newsreaders - so far - and in the downloaded headers for Thomas
Stevens for Jan 6 (including Jan 5 & 7) do not show any Thomas Stevens
messages with the Subject: My GPG Public Key (only Subject: My GnuPG
Key -- which is not the same). The My GnuPG messages do not contain the
actual key.
However, I can extract directly from the newsserver the message
Path: <snip> !news.giganews.com.POSTED!not-for-mail
Date: Tue, 06 Jan 2009 18:24:28 -0500
From: Thomas Stevens
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
Newsgroups: alt.comp.freeware
Subject: My GPG Public Key
Message-ID: <VZ6dnbKpItexdf7U...@giganews.com>
... the GPG (not GnuPg) message does contain the key, and which key,
unlike the GG link to it, does pass the dump gpg test.
I have not yet worked out the 'problem' in the difference in what is
accessible directly from the newsserver and what downloads with the
headers, unless there is some kind of problem with some newsservers
cancelling messages and some newsservers not.
Perhaps there is a message cancelling problem going on here. There's
certainly a fair amount of skulduggery.
Googlegroups shows both for Jan 6, the GnuPG and the GPG.
Date: Tue, 06 Jan 2009 17:56:31 -0500
From: Thomas Stevens
Subject: My GnuPG Key
Message-ID: <VZ6dnbOpItcDfP7U...@giganews.com>
Date: Tue, 06 Jan 2009 18:24:28 -0500
From: Thomas Stevens
Subject: My GPG Public Key
Message-ID: <VZ6dnbKpItexdf7U...@giganews.com>
--
Mike Easter
Mike Easter
> It gets even more complicated. I have checked 2 different newsservers
> (giganews & motzarella)
> Perhaps there is a message cancelling problem going on here. There's
> certainly a fair amount of skulduggery.
>
> Googlegroups shows both for Jan 6, the GnuPG and the GPG.
>
> Date: Tue, 06 Jan 2009 17:56:31 -0500
> From: Thomas Stevens
> Subject: My GnuPG Key
> Message-ID: <VZ6dnbOpItcDfP7U...@giganews.com>
>
> Date: Tue, 06 Jan 2009 18:24:28 -0500
> From: Thomas Stevens
> Subject: My GPG Public Key
> Message-ID: VZ6dnbKpItexdf7U...@giganews.com
The newsservers x-privat & usenet-news provide both of the headers -- so
what is going on is some message cancelling which is being honored by
motzarella and giganews, but which is not being honored by x-privat and
usenet-news.
My interest in this topic/problem is waning; except to point out that the
Tbird/Enigmail 'process' for handling signed messages is to trust whatever
it sees. If someone signs a message, Tbird simply offers to go fetch the
key for it -- (almost) completely ignoring any concept of web of trust.
That seems to me to invite problems of bogus keys severely; such as what
we are currently seeing on the MIT keyserver's 'files'.
--
Mike Easter
Mike Easter
> Thomas Stevens wrote:
>> My GPG Public Key can be found here:
>> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
>
> That public key as posted is not 'good' in terms of pgp dump:
If the public key is fetched from the message found with Howard Knight's
tool at
http://al.howardknight.net/msgid.cgi?STYPE=msgid&MSGI=%3CVZ6dnbKpItexdf7Un
Z2dnUVZ_j6dnZ2d%40giganews.com%3E or http://snipr.com/a341m
... then there is a good pgp dump result, just as there is when the
message can be retrieved from a newsserver with the message id
<VZ6dnbKpItexdf7U...@giganews.com>
I have no idea what the problem is with the GG retrieval.
But, this business of trying to authenticate messages with the crude
processes demonstrated here which have no web of trust process is totally
silly and unverifiable and a big waste of time and mechanics.
Just because the process /would/ work if there /were/ a web of trust
doesn't mean that it also works right without one. The business of the
web of trust and key 'parties' or exchanges is the first thing that
pgp/gpg-ers are supposed to learn, not the last.
--
Mike Easter
Thomas Stevens
Hash: SHA1
It might help to know that I've never sent my key to the MIT keyserver.
That information (at MIT) is bogus. I have my suspicions on how it got
there. Frank J. Camper would probably know more about that.
Just use the key at
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
which was created only for use on this (alt.comp.freeware) newsgroup.
Also, upon installation, one of the default options of Enigmail is to
"Always trust peoples keys", which of course, should be turned off.
- --
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
Read the ACF FAQ here:
http://mehere.fileave.com/
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklvLHIACgkQek2JWzIH3jPbhgCfSZfAy+ENNLcSZzI596ww8WKj
rVMAnR8PV2mIRySlwDJvKRIuk+mgdm4D
=GLwJ
-----END PGP SIGNATURE-----
Thomas Stevens
Hash: SHA1
Mike Easter wrote:
> But, this business of trying to authenticate messages with the crude
> processes demonstrated here which have no web of trust process is totally
> silly and unverifiable and a big waste of time and mechanics.
>
> Just because the process /would/ work if there /were/ a web of trust
> doesn't mean that it also works right without one. The business of the
> web of trust and key 'parties' or exchanges is the first thing that
> pgp/gpg-ers are supposed to learn, not the last.
And, there's no sense in having a key 'party', if I'm going to be the
only one there.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklvN6UACgkQek2JWzIH3jPkbACfZFaJDQCfZl6rO/tV3ziNkDK0
dUMAoJBub3M2UGMjzJVz5Tv7aYgilYnw
=buop
-----END PGP SIGNATURE-----
elaich
@cluster02.sto:
> Mike, Mike. Don't get carried away. Relax, have a liter or more.
> Perhaps some absolut.
A lot of people here give these trolls way too much attention. So somebody
is spoofing Corliss - he certainly has egged them on with his explosions of
pique and his obsessive behavior.
Killfile the damn trolls, and stop giving them what they want, which is
attention. This group has become so cluttered with this crap that it's
unbelievable.
John Corliss
> The spoofer, John Duh wrote:
>>
>> Mike, Mike. Don't get carried away. Relax, have a liter or more.
>> Perhaps some absolut.
>
> A lot of people here give these trolls way too much attention. So somebody
> is spoofing Corliss - he certainly has egged them on with his explosions of
> pique and his obsessive behavior.
Eliach, did you even notice that you were replying to the very troll who
is causing all of this shit?
> Killfile the damn trolls, and stop giving them what they want, which is
> attention. This group has become so cluttered with this crap that it's
> unbelievable.
Yeah, that's it. Blame it all on me.
You sorry-ass POS.
--
John Corliss BS206. I use nFilter to block all Google Groups posts
because of Googlespam. No ad, cd, commercial, cripple, demo, dotnet,
nag, share, spy, time-limited, trial or web wares OR warez for me, please.
Mike Easter
> Mike Easter wrote:
>> But, this business of trying to authenticate messages with the crude
>> processes demonstrated here which have no web of trust process is
>> totally silly and unverifiable and a big waste of time and mechanics.
> It might help to know that I've never sent my key to the MIT keyserver.
That doesn't keep it from being there. The keyid I've been discussing is
there.
> That information (at MIT) is bogus. I have my suspicions on how it got
> there. Frank J. Camper would probably know more about that.
You mean *some* of the info at MIT is bogus.
My point is that the business of someone reading a post in a newsgroup and
believing it or not believing it does not fulfill a valid web of trust
concept.
> Just use the key at
I have no interest in using a key - yours or anyone else's. I recommend
that you stop clearsigning messages here for the reasons which I explained
earlier. Your concept of clearsigning is invalid.
Your messages here contain too much junk and require too much trimming.
Not only are you cluttering your messages up with clearsigning which is
useless for the reasons explained, but you are also cluttering the message
up with repetitive useless lines with which I disagree; ad hominem,
promotion of your key and enigmail. If you want to use 2 lines promoting
ACF in a sig which autotrims, that's all you should be repetitvely
posting.
--
Mike Easter
Thomas Stevens
Hash: SHA1
Mike Easter wrote:
> Thomas Stevens wrote:
>> Mike Easter wrote:
>
>>> But, this business of trying to authenticate messages with the crude
>>> processes demonstrated here which have no web of trust process is
>>> totally silly and unverifiable and a big waste of time and mechanics.
>
>> It might help to know that I've never sent my key to the MIT keyserver.
>
> That doesn't keep it from being there. The keyid I've been discussing is
> there.
You are "discussing" an *invalid* key.
Why is so hard for you to figure that out?
>> That information (at MIT) is bogus. I have my suspicions on how it got
>> there. Frank J. Camper would probably know more about that.
>
> You mean *some* of the info at MIT is bogus.
No, that's *not* what I mean, you fuckwad.
I mean *all* of the info at MIT is bogus.
> My point is that the business of someone reading a post in a newsgroup and
> believing it or not believing it does not fulfill a valid web of trust
> concept.
>
>> Just use the key at
>
> I have no interest
Then go fuck yourself.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklvd+gACgkQek2JWzIH3jN0yACgwvIN+4OZDBZyfFNuU5SjrolW
pjgAn3/cdPDF3B7WWLvGPoeTDCp8Tu/n
=NANk
-----END PGP SIGNATURE-----
Mike Easter
>> That doesn't keep it from being there. The keyid I've been discussing
>> is there.
>
> You are "discussing" an *invalid* key.
You are mistaken. There is only one key whose keyid is
Key ID - 0x7A4D895B3207DE33
That is the keyid from your key sig here.
> Why is so hard for you to figure that out?
The key to which you are referring in the GG link can also be found on
newsservers and the MIT keyserver. When copied from the GG link it
contains invalid characters for pgp dump as I have posted here in this
thread. When copied from 2 or more different newsservers or the MIT
keyserver it checks out in the pgp dump tool.
>>> That information (at MIT) is bogus. I have my suspicions on how it got
>>> there. Frank J. Camper would probably know more about that.
>>
>> You mean *some* of the info at MIT is bogus.
>
> No, that's *not* what I mean, you fuckwad.
> I mean *all* of the info at MIT is bogus.
Wrong.
I'm not really very interested in reviewing my 'work' again, but I will
double-check to be sure that I haven't said anything in error.
--
Mike Easter
Craig
>
> I'm not really very interested in reviewing my 'work' again, but I will
> double-check to be sure that I haven't said anything in error.
Fwiw;
I appreciate the thread. It's helping me understand some key concepts...
pun wholly unintentional.
thx,
-Craig
Mike Easter
> The key to which you are referring in the GG link can also be found on
> newsservers and the MIT keyserver. When copied from the GG link it
> contains invalid characters for pgp dump as I have posted here in this
> thread. When copied from 2 or more different newsservers or the MIT
> keyserver it checks out in the pgp dump tool.
To explain what is not (exactly) identical (and what is)...
The content of the ascii wrapped certificate of the keyid
0x7A4D895B3207DE33 which has the fingerprint 19DF 4980 34FA 765B 6AFD
F3FE 7A4D 895B 3207 DE33 is not identical and does not give an identical
pgpdump because the two different certificate/s for the same public key
are signed differently.
That is; 'it' - the certificate which has been called 'the public key' -
is the (certificate for the) same public key, public key id, and public
key fingerprint -- but 'it' - the certificate found on the MIT server vs
the certificate found on the newsservers for the Jan 6 message...
From: Thomas Stevens - Subject: My GPG Public Key - Message-ID:
<VZ6dnbKpItexdf7U...@giganews.com>
... differ only in how the (same) public key itself was signed. That
certification process doesn't actually change the value, ie keyid,
fingerprint, etc of the public key itself.
The pgpdump process details all of that stuff. The pgpdump process fails
for some reason on the data copied from the Stevens' GG link when pasted
into the online pgpdump tool. But the GG link is supposed to/ does/
represent the same certificate accessible directly from the newsservers
which still retain it. And the newsserver certificate data *corresponds
to* the certficate of the identical public key 0x7A4D895B3207DE33 -
fingerprint 19DF 4980 34FA 765B 6AFD F3FE 7A4D 895B 3207 DE33 on the MIT
server.
The 'unknown' quantity in this issue is why/howcome the relationship
between the signing of - the signers of - the key certificate - which
certificate keysigning difference involves the 'relationship' between the
two entities/personas Thomas Stevens and Frank J. Camper.
The tear in the fabric of the web of trust is 'exposed' by the pgp dump
details which shows the difference in the certification for the same
public key of Thomas Stevens.
The reason I haven't moved this conversation over to some other group is
because I am thru' talking about it -- I hope. The only reason I have
kept all of these details in this group is because this group is busy with
itself being concerned about spoofed messages and whether or not there
should be any role for pgp/gpg signing of posts here -- and I'm saying
that absent an intact web of trust there is no value in such signing -- so
people are going to have to deal with spoofery some other way/s not
clearsigning.
--
Mike Easter
Thomas Stevens
Hash: SHA1
Mike Easter wrote:
> Mike Easter wrote:
>
>> The key to which you are referring in the GG link can also be found on
>> newsservers and the MIT keyserver. When copied from the GG link it
>> contains invalid characters for pgp dump as I have posted here in this
>> thread.
Well then you don't know what you're doing, and so, you're doing it
wrong.
I copied the key from the Google page and pasted it at this site
http://www.pgpdump.net/
The pgpdump I got back contained *nothing* about "invalid characters".
> When copied from 2 or more different newsservers or the MIT
>> keyserver it checks out in the pgp dump tool.
>
> To explain what is not (exactly) identical (and what is)...
>
> The content of the ascii wrapped certificate of the keyid
> 0x7A4D895B3207DE33 which has the fingerprint 19DF 4980 34FA 765B 6AFD
> F3FE 7A4D 895B 3207 DE33 is not identical and does not give an identical
> pgpdump because the two different certificate/s for the same public key
> are signed differently.
>
> That is; 'it' - the certificate which has been called 'the public key' -
> is the (certificate for the) same public key, public key id, and public
> key fingerprint -- but 'it' - the certificate found on the MIT server vs
> the certificate found on the newsservers for the Jan 6 message...
>
> From: Thomas Stevens - Subject: My GPG Public Key - Message-ID:
> <VZ6dnbKpItexdf7U...@giganews.com>
>
> ... differ only in how the (same) public key itself was signed. That
> certification process doesn't actually change the value, ie keyid,
> fingerprint, etc of the public key itself.
>
> The pgpdump process details all of that stuff. The pgpdump process fails
> for some reason on the data copied from the Stevens' GG link when pasted
> into the online pgpdump tool. But the GG link is supposed to/ does/
> represent the same certificate accessible directly from the newsservers
> which still retain it.
You seem awfully and terribly concerned with the "certificate accessible
directly from the newsservers", when I keep telling you it's bogus.
It's *NOT* the key I created.
It is a forged key, by Frank J. Camper, a.k.a. Ari Silverstein.
Read the next sentence v e r y s l o w l y.
I HAVE NOT SENT ANY GPG KEY TO ANY NEWSSERVER! EVER!!
If there is one with my ID on the MIT newsserver, that does not share
the same original fingerprint of the key I created, then here's what
happened. Frank J. Camper (a.k.a. Ari Silverstein) forged (altered) my
original key, then signed it with his key, using another name, of
course, and Frank J. Camper (a.k.a. Ari Silverstein) sent it to the MIT
newsserver.
My *real* GPG key, the only one that's needed here in alt.comp.freeware,
can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
I can't put it to you any simpler than that.
If you don't understand that, then you don't really know what you're
talking about.
> And the newsserver certificate data *corresponds
> to* the certficate of the identical public key 0x7A4D895B3207DE33 -
> fingerprint 19DF 4980 34FA 765B 6AFD F3FE 7A4D 895B 3207 DE33 on the MIT
> server.
>
> The 'unknown' quantity in this issue is why/howcome the relationship
> between the signing of - the signers of - the key certificate - which
> certificate keysigning difference involves the 'relationship' between the
> two entities/personas Thomas Stevens and Frank J. Camper.
>
> The tear in the fabric of the web of trust is 'exposed' by the pgp dump
> details which shows the difference in the certification for the same
> public key of Thomas Stevens.
Why are so infatuated with "pgpdump", and "web of trust"?
Those two things would be needed, say, if I were corresponding with more
than one other person with GPG *encrypted* emails.
Here in USENET, that sort of technicality is not all that important when
it's only use is to verify if a post was sent from the person listed as
the SENDER, or not.
Take my word for it, the only key you need here in ACF is the one found
here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
> The reason I haven't moved this conversation over to some other group is
> because I am thru' talking about it -- I hope. The only reason I have
> kept all of these details in this group is because this group is busy with
> itself being concerned about spoofed messages and whether or not there
> should be any role for pgp/gpg signing of posts here -- and I'm saying
> that absent an intact web of trust there is no value in such signing -- so
> people are going to have to deal with spoofery some other way/s not
> clearsigning.
Piss on you. I disagree. I don't think you know what you're talking about.
I'm going to do it my way. And, anybody else that does it my way, will
see that I am right, and that you are wrong.
Take my word for it, my way works.
- --
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
Read the ACF FAQ here:
http://mehere.fileave.com/
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEUEARECAAYFAklv2AcACgkQek2JWzIH3jPmBQCgvbLoSzL9WtNxs8owRhxvUdGM
DFsAmKdUO286JBDf7k+INVVDFS3NxOA=
=0o3y
-----END PGP SIGNATURE-----
Mike Easter
> I copied the key from the Google page and pasted it at this site
> http://www.pgpdump.net/
>
> The pgpdump I got back contained *nothing* about "invalid characters".
Good. I would expect that. The GG certificate should be the same as the
certificates from the newsservers.
I finally got a good result from the GG news message cert by using a
different browser; K-Meleon instead of Opera. Thanks for testing it out
yourself.
> You seem awfully and terribly concerned with the "certificate accessible
> directly from the newsservers", when I keep telling you it's bogus.
The newsserver certificate is the same as the GG certificate. What is
different is the MIT keyserver cert.
> It's *NOT* the key I created.
> It is a forged key, by Frank J. Camper, a.k.a. Ari Silverstein.
Forged isn't the right term. Frank J. Camper signed your key, creating a
certification 'process'.
> I HAVE NOT SENT ANY GPG KEY TO ANY NEWSSERVER! EVER!!
You are confusing newsserver with keyserver and yelling out your
confusion. When you post your key here to this group it is propagated via
thousands of newsservers and the key can be accessed from some of those
newsservers. Apparently your message with your key has been cancelled and
some newsservers honor that cancel -- so your message with your key can't
be accessed from some newsservers.
What you are saying is that you have not sent your public key (with its
certificate) to any of the public KEYservers. If your concept of 'things'
is correct, then the keyservers have received your key signed/certificated
by Frank J. Camper. That is not a forgery. Your legitimate key is in
there.
> If there is one with my ID on the MIT newsserver, that does not share
> the same original fingerprint of the key I created, then here's what
> happened. Frank J. Camper (a.k.a. Ari Silverstein) forged (altered) my
> original key, then signed it with his key, using another name, of
> course, and Frank J. Camper (a.k.a. Ari Silverstein) sent it to the MIT
> newsserver.
You still aren't understanding. The MIT certificated public key with the
Frank J. Camper certification are not forged. The FJC certificated TS key
contains exactly the same key as your GG link.
> My *real* GPG key, the only one that's needed here in alt.comp.freeware,
> can be found here:
> http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
That key can be found a lot of places. Besides GG, the same key with the
same certification is found on numerous newsservers as a message, and more
than one keyserver, besides the MIT keyserver, there is another good one
here http://www.uk.pgp.net/pgpnet/wwwkeys.html The WWW Based PGP 5.0 Key
Server System
You should look at some of the things I'm telling you about so that you
can understand what is going on.
You can look up your key on the MIT keyserver and your can look it up on
the uk.pgp keyserver above. If you copy your key certificate from those
servers and use pgpdump on it you will see that your public key and all
kinds of data about it are found from the pgp dump.
The certificates on the public keyservers differ from the certificates at
the GG link which GG message is the same as the newsserver certificates
only in that the public keyserver certificates are 'also'
signed/certificated by Frank J. Camper. That doesn't make anything about
the key 'function' any different. If someone were to use your public key
certificate which they obtained from the public keyservers and which was
signed by FJC, it would work just as well, just the same as the news
message key at GG and on the newsservers.
GG & newsserver messages contain your key, not certificated by FJC
Numerous public keyservers contain your key, certificated by FJC, and
perfectly functional as your key not certificated by FJC.
--
Mike Easter
Thomas Stevens
Hash: SHA1
Mike Easter wrote:
> Numerous public keyservers contain your key, certificated by FJC, and
> perfectly functional as your key not certificated by FJC.
Good. I'm glad to see everything's back to normal again.
You've got a good pgpdump from the Google site.
I know not to use the word newsservers for keyservers.
(It's been a long day and I'm tired.)
And we both know that having a key party to set up a web of trust,
when all that's being done is verifying a signature from a post in
a newsgroup, is not really all that terribly important.
I'm glad we had this little "discussion".
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklv/PYACgkQek2JWzIH3jMAjQCgpUpIFVc8BCsz0OG0/ZIINr94
J/cAn3CfWTHk4n27lMo2AXmBStpTrNkX
=1CWX
-----END PGP SIGNATURE-----
Franklin
I see "Thomas Stevens" is still trolling.
Franklin
>
> [snip]
>
> You are confusing newsserver with keyserver and yelling out your
> confusion.
>
Doesn't anything tell you his posts are trolling?
Mike Easter
> Mike Easter
>> You are confusing newsserver with keyserver and yelling out your
>> confusion.
> Doesn't anything tell you his posts are trolling?
- the troll/ing term is poorly understood and vastly overused, as is
evidenced here
- all of those who post 'ad hominemishly' are behaving trollishly/
boorishly/ rudely
- I don't always totally ignore all of those who are guilty of such
boorish or rude behaviors
--
Mike Easter
Thomas Stevens
Hash: SHA1
And, I suggest you get used to it.
Meanwhile, you can go fuck yourself.
- --
Read the ACF FAQ here:
http://mehere.fileave.com/
Meet "Kinky" Friedman, not "Ari Silverstein" (real name: Frank J. Camper):
http://www.lioncity.net/buddhism/uploads/1156281126/gallery_414_82_1157190589.jpg
My GPG Public Key can be found here:
http://groups.google.com/group/alt.comp.freeware/msg/9885ea73ee4da099
Using enigmail with Thunderbird, my posts can be verified as authentic.
Download enigmail here: http://enigmail.mozdev.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklwdp0ACgkQek2JWzIH3jNL6QCeJcU3vimS4HT5GruwrCfYUuDP
rS0AoJiujuFqUyi1JhD3enZcLrlG713D
=9qy5
-----END PGP SIGNATURE-----