Mailing List Archive

Marlon Jabbur <mjabbur@microtecvision.com.br> writes:

> 1. There's Mutt support for GPG ???

Sure see www.gnupg.org

> 2. There's a GPG keyserver, if so where i can download it ????

Not yet, but the HKP keyservers should work fine with all standard keys
(wwwkeys.pgp.net)


Werner

On Mon, Jan 18, 1999 at 01:01:25PM -0400, Marlon Jabbur wrote:

> 1. There's Mutt support for GPG ???

Yes, but it has certain problems.

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!

Hi,

Thomas Roessler:
> On Mon, Jan 18, 1999 at 01:01:25PM -0400, Marlon Jabbur wrote:
>
> > 1. There's Mutt support for GPG ???
>
> Yes, but it has certain problems.
>
I haven't noticed any... then again, I might have patched the thing
locally; I can't check right now. :-/

--
Matthias Urlichs | noris network GmbH | smurf@noris.de | ICQ: 20193661

On 1999-01-20 10:08:22 +0100, Matthias Urlichs wrote:

> I haven't noticed any... then again, I might have patched the thing
> locally; I can't check right now. :-/

With big key-rings, mutt's key selection will take eternitys when
working together with gpg.

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!

Hi,

Thomas Roessler:
> On 1999-01-20 10:08:22 +0100, Matthias Urlichs wrote:
>
> > I haven't noticed any... then again, I might have patched the thing
> > locally; I can't check right now. :-/
>
> With big key-rings, mutt's key selection will take eternitys when
> working together with gpg.

That's OK, I don't have a big keyring yet. ;-)

--
Matthias Urlichs | noris network GmbH | smurf@noris.de | ICQ: 20193661
The quote was selected randomly. Really. | http://www.noris.de/~smurf/
--
Idaho state law makes it illegal for a man to give his sweetheart a box
of candy weighing less than fifty pounds.

Matthias Urlichs <smurf@noris.de> writes:

> That's OK, I don't have a big keyring yet. ;-)

And Mutt has also problems with big keyrings and pgp; we should find
another solution. I don't think that loading the complete keyring
(okay, only the user ids some some info) into the memory is a good
idea becuase this way it is not possible to have a central keyring
somewhere.


Werner

On 01/20/1999 18:06 +0100, Werner Koch wrote:
>> Matthias Urlichs <smurf@noris.de> writes:
>>
>> > That's OK, I don't have a big keyring yet. ;-)
>>
>> And Mutt has also problems with big keyrings and pgp; we should find
>> another solution. I don't think that loading the complete keyring
>> (okay, only the user ids some some info) into the memory is a good
>> idea becuase this way it is not possible to have a central keyring
>> somewhere.
>>
>>
>> Werner
>>
End of included message

I'm not extremely familiar with the keyring format, so don't fry me if
this is already there, but I'm thinking it might be useful for the
keyring file to contain a (maybe hash-table-based) central directory,
which would make key lookup and location considerably simpler and faster.
Something kinda like what ZIP files (and other similar archive formats)
use maybe...

tw





--
+--------------------------------------+------------------------------------+
| Tim Walberg | Phone: (847) 632-3407 |
| Motorola CE/ITS | Pager: (800) SKY-TEL2 PIN:1384689 |
| 1475 W Shure Dr. IL75-2H14 | FAX: (847) 632-5769 |
| Arlington Heights, IL 60004 | |
+--------------------------------------+------------------------------------+
| http://www.cig.mot.com/~walberg | E-mail: walberg@cig.mot.com, |
| http://www.skytel.com/Paging (pager) | 1384689@skytel.com (pager) |
+--------------------------------------+------------------------------------+

On 1999-01-20 18:06:54 +0100, Werner Koch wrote:

> And Mutt has also problems with big keyrings and pgp; we should
> find another solution. I don't think that loading the complete
> keyring (okay, only the user ids some some info) into the memory is
> a good idea becuase this way it is not possible to have a central
> keyring somewhere.

You are rather obviously right about this.

An easy way to fix this problem would be to pass some "hints" to
gpgm and the PGP public key ring parser, respectively.

For an address, these hints would consist of the mailbox part of the
address, and of the individual words of the personal name. For a
random string, we'd take individual words, once again.

Werner, could you implement a command line interface which permits
for such "hints" with gpgm?

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!

On Wed, Jan 20, 1999 at 10:08:22AM +0100, Matthias Urlichs wrote:
> Thomas Roessler:
> > On Mon, Jan 18, 1999 at 01:01:25PM -0400, Marlon Jabbur wrote:
> >
> > > 1. There's Mutt support for GPG ???
> >
> > Yes, but it has certain problems.
> >
> I haven't noticed any... then again, I might have patched the thing
> locally; I can't check right now. :-/
---end quoted text---

I have been using gpg with Mutt and it works great...

other than... I get extra code saying it's running in
unsecure memory. But other than that it works nicely.

Ivan


--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ivan E. Moore II Rev. Krusty
http://www.tdyc.com rkrusty@tdyc.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Imagination is more important than knowledge - Albert Einstien
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
GPG KeyID=0E1A75E3
GPG Fingerprint=3291 F65F 01C9 A4EC DD46 C6AB FBBC D7FF 0E1A 75E3
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

tlr:
> An easy way to fix this problem would be to pass some "hints" to
> gpgm and the PGP public key ring parser, respectively.

How about something similar to aliases/mailing lists in mutt,
namely explicit links of eMail addresses with key ids within .muttrc?
Just because I think that most of the time you'll use a small subset
of your keyring(s).


ralf
--
http://www.tmt.de/~stephan/

On 1999-01-21 09:32:55 +0100, ralf.stephan@fitug.de wrote:

> How about something similar to aliases/mailing lists in mutt,
> namely explicit links of eMail addresses with key ids within
> .muttrc? Just because I think that most of the time you'll use a
> small subset of your keyring(s).

The pgp-hook provides you with a functionality in this direction,
but the user interface is not yet perfect. ;)

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!

Hi,

Ivan E. Moore II:
> other than... I get extra code saying it's running in
> unsecure memory.

Which is because gpg isn't setuid root, which it needs in order to be able
to tell the system that some of its memory should not be swapped out.

That being said, the message should appear only when you're doing
something which requires a secret key...

--
Matthias Urlichs | noris network GmbH | smurf@noris.de | ICQ: 20193661
The quote was selected randomly. Really. | http://www.noris.de/~smurf/
--
>>> Internal error in fortune program:
>>> fnum=2987 n=45 flag=1 goose_level=-232323
>>> Please write down these values and notify fortune program administrator.

Matthias Urlichs <smurf@noris.de> writes:

> Which is because gpg isn't setuid root, which it needs in order to be able
> to tell the system that some of its memory should not be swapped out.
>
> That being said, the message should appear only when you're doing
> something which requires a secret key...

No way. I have to allocate the locked memory early on startup to drop
setuid as soon as possible and I can't check the option at this stage.

Put a

no-secmem-warning

into your ~/.gnupg/options or install as setuid.

Thomas Roessler <roessler@guug.de> writes:

> Werner, could you implement a command line interface which permits
> for such "hints" with gpgm?

I have implemented a new name macthing mode which does this:

If you start a name with a "+" all the words in the name must
be in a user id to match it. I think that is what the HKP server
also does. To implement a OR predicate simply pass more than one user
id on the commandline.

The current code is not the fastest one but as soon as I have written
the new keybox DB, we can make the implemention much more efficient.

It is not yet in the CVS.


Werner

Hi,

Werner Koch:
> Matthias Urlichs <smurf@noris.de> writes:
>
> > That being said, the message should appear only when you're doing
> > something which requires a secret key...
>
> No way. I have to allocate the locked memory early on startup to drop
> setuid as soon as possible and I can't check the option at this stage.

- check if warning necessary; if yes, set flag A
- allocate memory
- drop setuid
- check options; set flag B if the current mode might require a passphrase
- print warning if A && B

> no-secmem-warning
> into your ~/.gnupg/options
>
Hmmm...

--
Matthias Urlichs | noris network GmbH | smurf@noris.de | ICQ: 20193661
The quote was selected randomly. Really. | http://www.noris.de/~smurf/
--
A consultant is an ordinary person a long way from home.