Signing
Lee
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Can any of the erudite readers of this group tell me what is the point
of signing messages as I have done here?
Rgds
Lee
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQA/AwUBNQ2bNOaxtmtT56Z0EQJDuACcCHpwifA2cQx621R4AFtaFE6SJrYAoJ25
QPg3iI1L2DIKPsVoUjTmBmvM
=/lc6
-----END PGP SIGNATURE-----
David Ross
Of course, quoting your message invalidates the signature through the
addition of the > characters.
I sign E-mail when the message is of a type that, if I were the
recipient, I would have preferred a signed hardcopy. Not that I would
verify the signature then. However, if a later dispute arose regarding
the contents of the message and who was the actual sender, a digital
signature would provide some degree of authentication. For example, I
submitted an article for publication in an electronic magazine. I had
already copyrighted the article. The release to the publisher was in a
digitally signed E-mail message. I would be hard pressed to deny the
authenticity of the signed release.
I am an official proponent for reorganizing an existing Usenet
newsgroup. I am signing some newsgroup messsages relating to that
effort. One of the opponents has issued bogus control messages
affecting this process and is also posting messages with several
different aliases and E-mail addresses. To let other know that my
messages are indeed from me and to guard against them being altered or
against forged messages in my name, I am using digital signatures. When
the CFV (call for vote) is posted, I plan to post a message with the
same text appearing twice: once signed with my RSA key and once signed
with my DSS/DH key. The other proponent uses only RSA keys.
Valid control messages for Usenet newsgroups (newgroup or rmgroup
messages) are always digitally signed by the lead Usenet volunteer.
News server administrators generally know they should decline to act on
any control message that is either unsigned or has an invalid
signature.
See <http://ciac.llnl.gov/ciac/CIACHoaxes.html>, where the Computer
Incident Advisory Capability (CIAC) of the U. S. Department of Energy
strongly recommends that messages about computer viruses always be
digitally signed. The CIAC indicates that unsigned virus warnings are
usually hoaxes. That is, the CIAC advises against expending any effort
against a virus unless both the source and content of the virus warning
can be verified as authentic and unaltered.
---
David E. Ross
John
Im not new to PGP, but I am pretty stupid when it comes to this
prive/public key stuff. I've been using PGP to encrypt personal files
and files between others. We agree on a password before hand, then
just pgp -d or use the clipboard utility. Can someone explaing (or
give a URL) exactly how the public/private keys work and what makes
them secure? After reading the below messages, I wonder why I can't
just take those sigs and pretend to be someone else?
Kristofer D. Dale
: > Can any of the erudite readers of this group tell me what is the point
: > of signing messages as I have done here?
well, the most obvious reason that comes to mind is the fact that you
are willing to be recognized as someone willing to take a little extra
trouble to improve the viability of the electronic medium by using this
capability as a matter of course, thereby setting an example for others
who might let this issue slide, thus making it more likely that
unwelcome authories will try to control or prevent privacy and freedom
of speech on this emerging and quite democratic forum...
p.s. you don't see my signature yet, but I'm working on it! ;^]
Gary Novosielski
John wrote:
>
> I've been using PGP to encrypt personal files
> and files between others. We agree on a password before hand, then
> just pgp -d or use the clipboard utility. Can someone explaing (or
> give a URL) exactly how the public/private keys work and what makes
> them secure? After reading the below messages, I wonder why I can't
> just take those sigs and pretend to be someone else?
Last question first. If you take an existing sig, and slap in on a
pretend message, it will no longer verify as valid, if anyone cares to
check it. In fact, if you change even a single character in the
message, the signature will no longer check out as valid. Sigs are NOT
keys. They are one-shot signatures that apply ONLY to the message to
which they were originally attached.
Now about public/private keys: To understand why they're superior to
what you're doing, consider this puzzle:
Suppose you and I want to communicate privately, but we know FOR A FACT
that some bad guy is eavesdropping on every message you send, and every
message I send. To make it a real toughie, also assume that our phones
are tapped, or mail is opened, and we live too far apart to ever meet in
person. How can we ever send a private message? We can't "agree on a
password before hand" because we have no secure way to transmit the
password between us. It's a Catch-22 situation: Before we can set up a
secure communications channel between us, we must already HAVE a secure
communications channel, so we can send the "agreed upon" key.
After you have mulled that over in your head for a while, you may wish
that there was some way you could send me a magic key of some sort that
only I could use but would somehow be USELESS to the badguys. Or
perhaps you would wish that I could send you some key that you could
use, but that would be similarly useless to the badguys. That's exactly
what public keys are. The trick lies in the fact that unlike an "agreed
upon" password, the key that's used to encrypt the message CANNOT be
used to decrypt the message. Only the OTHER key of the keypair can do
that, and the OTHER key is kept secret by you and never transmitted.
If you send me your public key, I can use it to encrypt secret messages
to you that only your private key will be able to decrypt. Even though
the badguys are listening, and find out your public key, it does them no
good because it can't be used to decrypt anything sent to you. The only
thing they could do with it would be to use it to send you a secret
message (from them), but so what? What good does that do them? They
can't decrypt anything I send you. (Neither can I for that matter.)
And if I send you my public key you can use it to send me secret
messages that only MY private key will decrypt. The badguys can snag
it, and if they desired, they too could send me secret messages, but
they still can't read the ones you send me. (Neither can you, for that
matter.)
So there we are. We can now communicate in private, and the bad guys in
the middle can't read our mail.
Is that any clearer?
Gary Novosielski
David Ross wrote:
> I sign E-mail when the message is of a type that, if I were the
> recipient, I would have preferred a signed hardcopy. Not that I would
> verify the signature then. However, if a later dispute arose regarding
> the contents of the message and who was the actual sender, a digital
> signature would provide some degree of authentication. For example, I
> submitted an article for publication in an electronic magazine. I had
> already copyrighted the article. The release to the publisher was in a
> digitally signed E-mail message. I would be hard pressed to deny the
> authenticity of the signed release.
Well, now, that raises a point that's always bothered me. I can see
perfectly well that signing a message helps to support my claim that I
sent it, in situations where it is to my advantage to be able to prove
that I really did. But what's not at all clear is that my signature can
be used to prove that I actually sent a message that I later decide to
disavow.
Suppose I send you a signed note promising to pay you a million dollars
if the sun comes up in the morning. You check the signature using my
public key, and sure enough it's valid. You wait till morning, and sure
enough, the sun comes up. You write me to inform me that you've won the
bet, and ask for your payment.
But I write back, and say: "You're nuts. I never wrote that note. If
it appears to have my signature on it, then someone must somehow have
stolen my private key. Yes, now that I think of it, last week I was
carrying a copy of it on a floppy disk, with the passphrase written
right on the label, and I left it by mistake on the crosstown bus.
Silly me. I guess I'd better think about revoking it, since it's pretty
clear that it has fallin into the wrong hands. By the way, here's my
new, uncompromised key. I should learn to be more careful."
Okay, go ahead, prove I wrote that note.
John
Ahh, so what you are saying is that you signed the message, and for
every message a signature will not be the same, but a combination of
the key on your machine and the contents of the message, therefore
making it impossible to copy? Thanks for clearing that up! You made
everything crystal clear. Thanks! Now I have to figure out how to
implement it.
Jacob Proffitt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 17 Mar 1998 02:31:45 -0500, Gary Novosielski
<g...@techie.SPAM.ME.NOT.com> wrote:
>But I write back, and say: "You're nuts. I never wrote that note. If
>it appears to have my signature on it, then someone must somehow have
>stolen my private key. Yes, now that I think of it, last week I was
>carrying a copy of it on a floppy disk, with the passphrase written
>right on the label, and I left it by mistake on the crosstown bus.
>Silly me. I guess I'd better think about revoking it, since it's pretty
>clear that it has fallin into the wrong hands. By the way, here's my
>new, uncompromised key. I should learn to be more careful."
While you can do this once, the PGP system is set up so that repeating such
antics becomes increasingly difficult. That's because of the "web of
trust" that goes with using PGP and signing keys of people you know.
Perhaps this is a perversion of the "trusted key" concept, but if I
received such a reply from you, I would know that any key you ever gave me
could never be considered secure. I would revoke any signatures I had
appended to your key and publish the episode widely over my own (hopefully
trusted) signature. I think that when such an event occurs, PGP allows
each step to be verified such that any actions taken can be fully
documented. This web of trust is part of what makes PGP so powerful in
building trusted communities among people who potentially never know each
other on a personal basis.
>Okay, go ahead, prove I wrote that note.
No need. From your actions (whether you wrote the note and renegged or had
the signiture stolen in the way you describe), I know that your signature
(old and new) is insecure. I know that I can't trust anything from you,
ever. Such a move would be communal suicide with ostracism a sure
consequence.
Jacob (just offering my take on a hypothetical situation)
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBNQ6kq3bYNvwaq875EQKXTQCfQ0ApnVL06FhzF4UcIxOfOd20vpIAnRzq
JmGrYrDHnHk1JytnA0662tGq
=kF3/
-----END PGP SIGNATURE-----
Andrew Manore
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lee wrote in message <350d9ad7...@news.clara.net>...
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Can any of the erudite readers of this group tell me what is the point
>of signing messages as I have done here?
>
>Rgds
>Lee
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP for Personal Privacy 5.5.3
>
>iQA/AwUBNQ2bNOaxtmtT56Z0EQJDuACcCHpwifA2cQx621R4AFtaFE6SJrYAoJ25
>QPg3iI1L2DIKPsVoUjTmBmvM
>=/lc6
>-----END PGP SIGNATURE-----
Signing a message verifies two things:
* That the message is from you.
* That the message has not been forged.
Lets say some fool wanted to forge one a Usenet posting, supposedly from
me.
My public key is at http://home.earthlink.net/~manorea . Once you have that
key, any message that the PGP software verifies as having a valid signature
is a message that originated from me. The fool therefore, can post messages
in my name, but cannot digitally sign them. Sure, the fool can create a PGP
key in my name and upload it to PGP servers, but he can't put it on my
website.
I can guarantee that my DH/DSS and my RSA Public keys on my site are the
real thing, and have originated from *me*.
This works pretty well, unless the fool gets a hold of my passphrase. But
if I understand PGP correctly, even if he knew my passphrase he wouldn't be
able to do anything with it unless he had my *private* key, which is on my
system.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Andrew Manore
Homepage: http://home.earthlink.net/~manorea
PGP Public Key Available
man...@earthlink.net fog...@bigfoot.com
"Fogger" on IRC, ICQ and The Palace
*I Report ALL spam received at either address!*
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-----BEGIN PGP SIGNATURE-----
Version: PGP 5.5.5
iQA/AwUBNQ7ZRQgPToxtzQwzEQLvbQCg9ZBYIITMRUYrukK9QgKFLywN2iUAoOTq
v4ApFuoqCMcxaiqnOghZjf0M
=U6XP
-----END PGP SIGNATURE-----
Zilbandy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gary Novosielski <g...@techie.SPAM.ME.NOT.com> wrote:
>And if I send you my public key you can use it to send me secret
>messages that only MY private key will decrypt. The badguys can snag
>it, and if they desired, they too could send me secret messages, but
>they still can't read the ones you send me. (Neither can you, for
that
>matter.)
...and even if the badguys got your PRIVATE key, they would still need
your pass phrase. If you keep your pass phrase sufficiently long and
not made up of just ordinary words, it would take quite some time and
resources to crack it. Someone posted on this group that a 14
character pass phrase made up of mixed case letters and numbers could
be broken in 14 days. If this is so, then make your pass phrase at
least 16 characters long and, mathmatically speaking, this 14 days
becomes 150 years!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Barry Burnett (Zilbandy) <z...@azstarnet.com> Tucson, Arizona USA
Dead Suburban's Home Page: http://www.azstarnet.com/~zil/suburb/
PGP Public Key: http://www.azstarnet.com/~zil/pgpkey.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
Comment: DH/DSS Key: 0xCD102506 - RSA Key: 0xE58E2425
iQA/AwUBNQ66LfuRrybNECUGEQKAnACg8EADC/Q2huzPm2OSKE4yynUHoPAAoNk0
GmCr6CVK7FOi5FIb6uDLbZt9
=5jW8
-----END PGP SIGNATURE-----
Zilbandy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gary Novosielski <g...@techie.SPAM.ME.NOT.com> wrote:
>...
>But I write back, and say: "You're nuts. I never wrote that note.
If
>it appears to have my signature on it, then someone must somehow have
>stolen my private key. Yes, now that I think of it, last week I was
>carrying a copy of it on a floppy disk, with the passphrase written
>right on the label, and I left it by mistake on the crosstown bus.
>Silly me. I guess I'd better think about revoking it, since it's
pretty
>clear that it has fallin into the wrong hands. By the way, here's my
>new, uncompromised key. I should learn to be more careful."
>
>Okay, go ahead, prove I wrote that note.
It may not be able to be proved in a court, but it sure does have a
better chance than without a signature. That's why your private key
should be protected, and your pass phrase never written down. Think of
a company that prints its payroll checks with a check imprinting
machine that includes the authorized signature. This machine is not
just going to be left sitting out on a table while everyone goes to
lunch. This would equate to your carrying a floppy with your secret
key on it and your pass phrase written on the outside. Pretty stupid.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Barry Burnett (Zilbandy) <z...@azstarnet.com> Tucson, Arizona USA
Dead Suburban's Home Page: http://www.azstarnet.com/~zil/suburb/
PGP Public Key: http://www.azstarnet.com/~zil/pgpkey.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
Comment: DH/DSS Key: 0xCD102506 - RSA Key: 0xE58E2425
iQA/AwUBNQ68f/uRrybNECUGEQIx2ACgqTEFspSrzm9eGENZP2q9KFD2ooAAoJUS
xiFX1EKs+YVYW5xeNL4b9j/+
=Mvqt
-----END PGP SIGNATURE-----
David Ross
Gary Novosielski wrote:
>
> I previously wrote:
> > I sign E-mail when the message is of a type that, if I were the
> > recipient, I would have preferred a signed hardcopy. Not that I would
> > verify the signature then. However, if a later dispute arose regarding
> > the contents of the message and who was the actual sender, a digital
> > signature would provide some degree of authentication. For example, I
> > submitted an article for publication in an electronic magazine. I had
> > already copyrighted the article. The release to the publisher was in a
> > digitally signed E-mail message. I would be hard pressed to deny the
> > authenticity of the signed release.
> Well, now, that raises a point that's always bothered me. I can see
> perfectly well that signing a message helps to support my claim that I
> sent it, in situations where it is to my advantage to be able to prove
> that I really did. But what's not at all clear is that my signature can
> be used to prove that I actually sent a message that I later decide to
> disavow.
> Suppose I send you a signed note promising to pay you a million dollars
> if the sun comes up in the morning. You check the signature using my
> public key, and sure enough it's valid. You wait till morning, and sure
> enough, the sun comes up. You write me to inform me that you've won the
> bet, and ask for your payment.
> But I write back, and say: "You're nuts. I never wrote that note. If
> it appears to have my signature on it, then someone must somehow have
> stolen my private key. Yes, now that I think of it, last week I was
> carrying a copy of it on a floppy disk, with the passphrase written
> right on the label, and I left it by mistake on the crosstown bus.
> Silly me. I guess I'd better think about revoking it, since it's pretty
> clear that it has fallin into the wrong hands. By the way, here's my
> new, uncompromised key. I should learn to be more careful."
> Okay, go ahead, prove I wrote that note.
This is an area where the technology is far ahead of the law. And I am
not a lawyer. However, I can offer reasoned conjectures.
I suspect there is a presumption with respect to hardcopy documents that
a corporate seal or a notary stamp is valid on the date used. If there
were any question regarding the validity of a sealed or stamped
document, the corporation or notary would have to prove a theft occured;
the recipient of the document would not have to prove a theft of a seal
or stamp did not occur. Proof of theft could include a police report
prior to the questioned use. I believe that the presumed originator of
a document has to prove forgery; the recipient does not have to prove
lack of forgery.
Similarly, you would likely have to prove that your private key and
pass-phrase were compromised or that a forged key (e.g.: fraudulently
using your E-mail address) was used. The presumption would be that you
alone had the ability to sign using your private key.
Further, your failure to revoke your public key promptly could be used
as evidence against a compromise. This is not much different than the
requirement for prompt reporting of a lost credit card; your liability
for charges on a lost card are limited if the loss is promptly
reported.
In other words, the burden of proof would be on you, to prove that you
did not digitally sign an electronic document. I would only have to
prove that the signature was indeed derived from your key.
Steven Walter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lee... I am fairly new to PGP and still trying to find my way around.
With that having been said, I will give you my reasons for signing my
messages.
1. I am a simple person. If I sign EVERY message out of habit, I do
not have to think about what factors make a message necessary to sign.
2. I visit a couple of newsgroups that can get very testy. While I
am a rather mild-mannered soul, some of my brothers and sisters in the
newsgroups can get a little nasty... to the point where there have
been forged e-mails.
By signing ALL my e-mail, I am making a statement to anyone who
recognizes my posts that a forgery without my signature is probably
not going to be accepted. (You know it's not paranoia when they're
really out there trying to get you!)
3. It looks kewl. Okay, none of my friends have yet asked me about
PGP, or the strange looking signature at the bottom of my messages.
And when I have tried to explain it, their eyes glaze over. But I
still think it makes you look like you're a happening kind of person
on the go, in the know. Or a computer geek.
I really don't have a good reason for even using PGP, other than it
seems like a prudent thing to do that will someday be universally
done.
SDW
- --
"Oh people, know that you have committed great sins. If you ask me
what proof I have for these words, I say it is because I am the
punishment of God. If you had not committed great sins, God would not
have sent a punishment like me upon you!"
- - Genghis Khan, Bukhara 1220
pgp public key:
http://pgp5.ai.mit.edu:11371/pks/lookup?op=get&search=0x06CB6A4B
Lee wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can any of the erudite readers of this group tell me what is the
point
> of signing messages as I have done here?
>
> Rgds
> Lee
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP for Personal Privacy 5.5.3
>
> iQA/AwUBNQ2bNOaxtmtT56Z0EQJDuACcCHpwifA2cQx621R4AFtaFE6SJrYAoJ25
> QPg3iI1L2DIKPsVoUjTmBmvM
> =/lc6
> -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com>
iQA/AwUBNQ8cBsyl2rUGy2pLEQI9FgCg+DpxXMg8sMTFZv59LxN9/1ZQNQAAoMuM
/gFG0SUpu0Rppf1mKaU4hs0t
=4Yh+
-----END PGP SIGNATURE-----
Gurripato
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Lee... I am fairly new to PGP and still trying to find my way around.
>With that having been said, I will give you my reasons for signing my
>messages.
>
>1. I am a simple person. If I sign EVERY message out of habit, I do
>not have to think about what factors make a message necessary to sign.
>
Do you sign every handwritten document you write? Yes or no,
it is up to you. The same applies to PGP signatures. You might want
to, in order to show it is you who wrote that. On the other hand, you
might want to conceal your identity or your e-mail (to prevent spam).
Signing everything does not necessarily mean a good or bad habit.
Would you, for instance, sign a newsgroup message telling about your
boss´ sexual behavior? If so, he´d better not read it!
> By signing ALL my e-mail, I am making a statement to anyone who
>recognizes my posts that a forgery without my signature is probably
>not going to be accepted. (You know it's not paranoia when they're
>really out there trying to get you!)
Not necessarily. Who can prove that you sign all your
messages? Not even yourself! I might be suspicious if a see an
unsigned messaged with your name/email address on it. But you might
just be too worried about your tax file or your daughter´s party
habits to sign it.
>
>I really don't have a good reason for even using PGP, other than it
>seems like a prudent thing to do that will someday be universally
>done.
>
I wiil not give you reasons, as it would extend too far. But
the mere fact that you use PGP means you are concerned about privacy
matters. As you learn more about it, more reasons will jump to your
mind.
>SDW
>- --
>"Oh people, know that you have committed great sins. If you ask me
>what proof I have for these words, I say it is because I am the
>punishment of God. If you had not committed great sins, God would not
>have sent a punishment like me upon you!"
>
>- - Genghis Khan, Bukhara 1220
Had he signed this quote via PGP, we could know whether he die
really said it. (Allright, I´ll take your word on it, anyway).
Gurripato
>Im not new to PGP, but I am pretty stupid when it comes to this
>prive/public key stuff. I've been using PGP to encrypt personal files
>and files between others. We agree on a password before hand, then
>just pgp -d or use the clipboard utility. Can someone explaing (or
>give a URL) exactly how the public/private keys work and what makes
>them secure? After reading the below messages, I wonder why I can't
>just take those sigs and pretend to be someone else?
>
Don´t worry, we all have been PGPunaware before. Basically,
it goes like this. Unlike conventional, symmetric cyphers (where you
use the same key both for encrypting and decrypting), PGP uses a key
for encrypting (public key) and another for decrypting (private key).
You can encrypt a file or a message with anybody´s public key (that is
why it is called public), but only the holder of the private key can
decrypt it.
That also goes for signing. Only that when signing, you use
your private key. Anybody having your public key can verify it, but
only the holder of the private key (that is you) can produce that
signature. So you cannot pretend to be me unless you sign a message
with MY private key (which, of course, I will not give to you).
Theoretically, it is possible to re-create the private key if
you have the public key. But in practice, doing it for a 1024-bit key
is roughly equivalent to factoring a 1024-bit number which is the
product of two large prime number (it goes differently for DH keys,
but the difficulty is considered to be similar). No cumputer in the
world can do it in a reasonable amount of time (say some million
years).
Lee
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 17 Mar 1998 11:38:24 GMT, atreeona...@mindspring.com
(John) wrote:
>Ahh, so what you are saying is that you signed the message, and for
>every message a signature will not be the same, but a combination of
>the key on your machine and the contents of the message, therefore
>making it impossible to copy? Thanks for clearing that up! You made
>everything crystal clear. Thanks! Now I have to figure out how to
>implement it.
Thanks to everyone who responded to my query. However, I have the same
problem as illustrated above. I can check encrypted messages but how
do I check the sigs on signed unencrypted mail?
Rgds
Lee
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQA/AwUBNRBEzooeetZWahk4EQKxjACgkAOlo7jAvSzNyHgLlJTwQlC7oGgAn1w9
TUsG6kpRGNZhhQ1kxoakRzCq
=jm9Y
-----END PGP SIGNATURE-----
Dave Howe
In our last episode, Gary Novosielski <g...@techie.SPAM.ME.NOT.com> was
heard to say:
<sarcasm>
I've got a better idea - why not take out ALL your money from your
bank account using your cashcard and then tell your bank "Oh yes - I
wrote my pin number on an envelope, put my card inside it and left it
on a bus last week - can I have all my money back in my account
please?
</sarcasm>
On the whole, you are usually assumed to be the sole holder of a
private key, and it is assumed that you will revoke it almost
instantly if it is compromised, the same way you would notify your
bank if your cash card went AWOL.
__--== DHowe (is at) Tecsun.Demon.CoUk ==--__
Dave Howe
In our last episode, lark@~~clara.net (Lee) was heard to say:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On Tue, 17 Mar 1998 11:38:24 GMT, atreeona...@mindspring.com
>(John) wrote:
>
>>Ahh, so what you are saying is that you signed the message, and for
>>every message a signature will not be the same, but a combination of
>>the key on your machine and the contents of the message, therefore
>>making it impossible to copy? Thanks for clearing that up! You made
>>everything crystal clear. Thanks! Now I have to figure out how to
>>implement it.
>
>
>Thanks to everyone who responded to my query. However, I have the same
>problem as illustrated above. I can check encrypted messages but how
>do I check the sigs on signed unencrypted mail?
If your email reader does not support it, copy to the clipboard and
use pgp to check the clearsig.
>
>Rgds
>Lee
>-----BEGIN PGP SIGNATURE-----
>Version: PGP for Personal Privacy 5.5.3
>
>iQA/AwUBNRBEzooeetZWahk4EQKxjACgkAOlo7jAvSzNyHgLlJTwQlC7oGgAn1w9
>TUsG6kpRGNZhhQ1kxoakRzCq
>=jm9Y
>-----END PGP SIGNATURE-----
>
__--== DHowe (is at) Tecsun.Demon.CoUk ==--__
Gary Novosielski
Dave Howe wrote:
> <sarcasm>
> I've got a better idea - why not take out ALL your money from your
> bank account using your cashcard and then tell your bank "Oh yes - I
> wrote my pin number on an envelope, put my card inside it and left it
> on a bus last week - can I have all my money back in my account
> please?
> </sarcasm>
In fact, my bank will NOT let me take ALL the money from my account
unless I show up in person and sign the withdrawl slip. ATM
transactions are limited to maybe US$200 on any particular day,
partially to guard against losses like that.
But the real question is whether a bank would (or could) feel confident
enough, upon receiving a signed PGP message from me, saying "Pay to the
order of Joe Schmoe, US$1,000,000.00, One Million and no/100 Dollars",
to hand over the cash. (Hypothetically speaking of course. My
particular bankers, looking at my particular account balance, would
simply burst out laughing.)
I think this issue is considerably murkier than the case where I *want*
to prove that I sent the message, for example in order to claim a
prize. It seems like there is a piece missing here that I can't quite
put my finger on.
Robert de Bruijn
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tue, 17 Mar 1998 01:59:05 GMT, Mike Naylor decided to enlighten us
with:
snip, snip
(interesting post about pros and cons of PGP signing usenet messages
deleted)
>will be verifiable. For the rest of us though, PGP signing doesn't
seem to
>accomplish much except perhaps for showing support for PGP.
Which in itself is not such a bad idea.
If non-PGP'ers see the signature and ask questions, they might become
PGP converts as well. And the more people use programs such as PGP,
the more difficult it becomes for a government to bad its use.
It is easier to take something away that almost no-one uses, than to
take something away that people use and appreciate.
The more people are aware of encryption, the more chance we have of
trying to protect the little privacy we have left.
My 0,02 Euro
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQA/AwUBNRFUF/T906td4IH6EQLHrgCg5kXJz55E+x+nUnK8Z4bukgad1ccAni2K
s04QRUq4UKs/k6aVPzm4GK4i
=Kss6
-----END PGP SIGNATURE-----
--
Robert de Bruijn, CNA
Den Haag, Holland
.sig under construction ;-)
Survivor
On Tue, 17 Mar 1998 02:15:35 GMT, tmccune@DELETE_THISborg.com (Tom
McCune) wrote:
>In article <350d9ad7...@news.clara.net>, la...@clara.net wrote:
>
>>Can any of the erudite readers of this group tell me what is the point
>>of signing messages as I have done here?
>
>It is proof that the message came from you, and that the message has not been
>altered since you signed it. It could only be signed by your private key, and
>it is your public key that is used to verify the signature.
>
>______________________________________
>Tom McCune, Holland Patent, New York
Another very useful and practical reason for signing messages is to
make it possible for the reader to be absolutely certain key data
(such as numbers) haven't been corrupted in the transmission of the
message. Garbled text generally would be obvious in most messages,
but it's much more difficult to determine whether or not numbers have
changed, especially when there are many numbers, such as in a
statistical table.
For example, there are several forums on the Internet where AIDS
activists and researchers share their opinions and, sometimes,
unpublished research data. The messages are intended for hundreds of
readers, so encryption is inappropriate. But a small number of readers
may need to be certain that the data are correct, especially if the
research results seem surprising. If these folks learned how to use
PGP to sign and verify messages, they could be sure they had received
the same data the sender had posted.
Survivor @ Ground.Zero
George Waring
lark@~~clara.net (Lee) wrote:
/snip/
>Thanks to everyone who responded to my query. However, I have the same
>problem as illustrated above. I can check encrypted messages but how
>do I check the sigs on signed unencrypted mail?
Apparently you are using PGP 553. I'm gonna guess that you have W95,
and that you have the little icon in the tray. If so, then right click
on the icon and click on "decrypt and verify clipboard." You should
get a clipboard with the contents of the message and a little log
showing the identity of the signer.
Obviously you need to have the signers public key on your public key
ring in order to do this. For instance, I cannot verify your
previously signed message because I do not have your public key, nor
does it appear to have been put on any of the key servers.
>-----BEGIN PGP SIGNATURE-----
>Version: PGP for Personal Privacy 5.5.3
>
>iQA/AwUBNRBEzooeetZWahk4EQKxjACgkAOlo7jAvSzNyHgLlJTwQlC7oGgAn1w9
>TUsG6kpRGNZhhQ1kxoakRzCq
>=jm9Y
>-----END PGP SIGNATURE-----
--
Remove the text "remove" form my e-mail address
George Waring <george at waring dot com>
pgp Key: http://pgp5.ai.mit.edu:11371/pks/lookup?op=get&search=0xCF6C66DD
Lorens Kockum
In alt.security.pgp, David Ross <ros...@acm.org> wrote:
>
>Further, your failure to revoke your public key promptly could be used
>as evidence against a compromise. This is not much different than the
>requirement for prompt reporting of a lost credit card; your liability
>for charges on a lost card are limited if the loss is promptly
>reported.
Problem is, if you lose your card, you usually discover that quickly.
If somebody *copies* your PGP key, you probably wouldn't know it until
it reappeared elsewhere. Similarly, "oh, shit, I telnetted to another
box and I typed my passphrase, somebody must have been sniffing the
local net".
--
#include <std_disclaim.h> Lorens Kockum
zed
-----BEGIN PGP SIGNED MESSAGE-----
In article <35115886...@techie.SPAM.ME.NOT.com>, Gary
Novosielski <g...@techie.SPAM.ME.NOT.com> wrote:
<snip>
>I think this issue is considerably murkier than the case where I
*want*
>to prove that I sent the message, for example in order to claim a
>prize. It seems like there is a piece missing here that I can't
quite
>put my finger on.
Could the missing piece be that there ia a direct relationship
that as you move you key from an place where your key is well guarded
to where it might be more easliy lost, on a disk sitting on a bus
seat, the chances decreases that the person who finds it would know
what it is.
No, I'm not missing the point of your original arguement. It
just seems that you want to find a reason agianst signing.
zed
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3 for non-commercial use <http://www.pgp.com>
Comment: key id: 0xDD0B5923
iQDVAwUBNRNTPn8Q3lDdC1kjAQFPqQX7Bs9ysED/IJ+nrRKIm52CogHR9EX9GTGI
1b5sOQ1WBxWs+1oen3sS8+jKKUmxVL6IpkEX6Tol3RYV5+sbz3WVnfirlyjRhrHJ
I3HVEw0twdHOu9FYWmV06no4NLzPBTOh7tyRrC+TDReGU+c+ZDZoeWO06JiJI1gz
kYobT/w82Qyh/0Qw+kOa+nJ8qFuqdlcHrfBYtxJpk1HCG6bVs8aJAme+7HAWcUFR
eLtJupEnFbwVIoiwPAMb6SKR7su1Y3gX
=bGsb
-----END PGP SIGNATURE-----
Steven Walter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Come to think of it, this is exactly the reason I began using PGP. I
saw it in a signature of a Usenet post and got curious. My learning
curve has been at glacier-like speed, but with the help of this ng,
I'm making progress.
SDW
- --
"Oh people, know that you have committed great sins. If you ask me
what proof I have for these words, I say it is because I am the
punishment of God. If you had not committed great sins, God would not
have sent a punishment like me upon you!"
- - Genghis Khan, Bukhara 1220
pgp public key:
http://pgp5.ai.mit.edu:11371/pks/lookup?op=get&search=0x06CB6A4B
Robert de Bruijn wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tue, 17 Mar 1998 01:59:05 GMT, Mike Naylor decided to enlighten us
> with:
> snip, snip
> (interesting post about pros and cons of PGP signing usenet messages
> deleted)
> >will be verifiable. For the rest of us though, PGP signing doesn't
> seem to
> >accomplish much except perhaps for showing support for PGP.
> Which in itself is not such a bad idea.
>
> If non-PGP'ers see the signature and ask questions, they might
become
> PGP converts as well. And the more people use programs such as PGP,
> the more difficult it becomes for a government to bad its use.
> It is easier to take something away that almost no-one uses, than to
> take something away that people use and appreciate.
> The more people are aware of encryption, the more chance we have of
> trying to protect the little privacy we have left.
> My 0,02 Euro
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 5.0i for non-commercial use
> Charset: noconv
>
> iQA/AwUBNRFUF/T906td4IH6EQLHrgCg5kXJz55E+x+nUnK8Z4bukgad1ccAni2K
> s04QRUq4UKs/k6aVPzm4GK4i
> =Kss6
> -----END PGP SIGNATURE-----
>
> --
> Robert de Bruijn, CNA
> Den Haag, Holland
> .sig under construction ;-)
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com>
Comment: Key ID: 0x06CB6A4B
iQA/AwUBNRPxacyl2rUGy2pLEQL7+ACg10IbUuZhuri1QS+ed2kwCBgqRxUAn3fI
Z160HH9uz5+WtZXwcSbiETMc
=7TcY
-----END PGP SIGNATURE-----
Dave Howe
>Dave Howe wrote:
>> <sarcasm>
>> I've got a better idea - why not take out ALL your money from your
>> bank account using your cashcard and then tell your bank "Oh yes - I
>> wrote my pin number on an envelope, put my card inside it and left it
>> on a bus last week - can I have all my money back in my account
>> please?
>> </sarcasm>
>
>In fact, my bank will NOT let me take ALL the money from my account
>unless I show up in person and sign the withdrawl slip. ATM
>transactions are limited to maybe US$200 on any particular day,
>partially to guard against losses like that.
Hmm. Cash machines here in the uk usually allow ukp200. As I get just
under ukp1k / month salary (and only keep a standing balance of about
ukp200), I could remove the entire balance in six days.
>
>But the real question is whether a bank would (or could) feel confident
>enough, upon receiving a signed PGP message from me, saying "Pay to the
>order of Joe Schmoe, US$1,000,000.00, One Million and no/100 Dollars",
>to hand over the cash. (Hypothetically speaking of course. My
>particular bankers, looking at my particular account balance, would
>simply burst out laughing.)
I think the distinction would be, how happy would your bank be if Joe
Schmoe turned up with a slip of paper (or even a cheque) made out
to him and physically signed? They would probably allow it to be
transferred to another bank account (if you have sufficient balance)
so that they could track down the account holder later if it turned
out to be a forgery. They would definitely not allow him to walk out
the door with a bulging suitcase.
If you made a habit of signing your chequebooks in advance (I know,
you probably wouldn't, but occasionally businessmen do this and leave
the blanks with a secretary for whatever comes up) and lost one, would
you expect people to believe you would not report it to the bank as
soon as you found out?
Again, the "classic" Swiss Bank Account is just account number and
password (I don't know the accuracy of this , but am willing to
believe it) with anyone with both being able to walk in and open the
deposit box or whatever.
>
>I think this issue is considerably murkier than the case where I *want*
>to prove that I sent the message, for example in order to claim a
>prize. It seems like there is a piece missing here that I can't quite
>put my finger on.
I don't know - There is no quick-and-easy answer (or we would all have
gone to Signature card systems by now). I think the only way forward
is to say "how would I do [method of denying Sig] with a paper-and-pen
signature? how would I prevent someone doing this with paper-and-pen?
how can I apply this to a digital sig?
If it seems workable and unblockable, then say "would people believe I
had done this if I told them about it after the fact, or would they
believe that I made it up to get out of the contract?" and "Would a
judge agree with them if it came to court?"