Hi!
As some of you might have noticed, from time to time spam slips
through the filter by means of subscribed users. That is a little bit
annoying but it does not really harm. However, it is worse to reply to
spam or send the mailing list owner a notice of that. That does not
help.
For the
On 02/07/2014 05:32, MFPA wrote:
> Hi
>
>
> On Wednesday 2 July 2014 at 2:26:07 AM, in
> , Jérôme Pinguet wrote:
>
>
> > OpenPGP as a kind of HashCash / proof of work solution
> > to spam?
>
> > If this proposition makes sense, that would open th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 2 July 2014 at 2:26:07 AM, in
, Jérôme Pinguet wrote:
> OpenPGP as a kind of HashCash / proof of work solution
> to spam?
> If this proposition makes sense, that would open the
> way for a huge increase in user bas
> Could this last property of bigger keys, significantly increasing CPU
> time needed to send encrypted/signed messages, be used as an anti-spam
> feature?
Not really. If you've got a hijacked botnet of 50,000 machines, what do
you care if the CPU gets pegged? You're not
cheme.
It increases the resistance to bruteforcing only negligeably, and at the
same time, it increases the CPU time needed to encrypt/decrypt &
sign/verify *a lot*.
Could this last property of bigger keys, significantly increasing CPU
time needed to send encrypted/signed messages, be used as an
Am Mi 22.01.2014, 13:52:09 schrieb Pete Stephenson:
> They're not sending mail to the list itself,
Once, accidentally maybe:
http://lists.gnupg.org/pipermail/gnupg-users/2014-January/048800.html
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Co
Hi folks,
It appears that there's a spammer who has subscribed to the mailing
list and is sending out "cute girl wants to chat" spam in response to
messages sent to the list.
They're not sending mail to the list itself, but rather to the
individual sender addresses that have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 5 October 2012 at 2:55:24 AM, in
, Hauke Laging wrote:
> A less violent option is
> the creation of a second email infrastructure. Make
> (by law) certain addresses (subdomains) accessible only
> by ISPs who fight spa
Am Fr 05.10.2012, 02:00:36 schrieb MFPA:
> Anyway, I would anticipate spam volumes to be lower if all messages
> were encrypted. Would the spammers invest the cpu cycles to encrypt
> their messages to each and every recipient?
They don't have to. They don't even have other
On Tuesday 20 of December 2011 17:34:24 Johan Wevers wrote:
> On 20-12-2011 16:49, Hubert Kario wrote:
> > Yeah, the kind of "protections" banks use is funny. But then, what can
> > they do when people forget their passwords 5 minutes after they set them
> > or use the same password on facebook and
On 20-12-2011 16:49, Hubert Kario wrote:
> Yeah, the kind of "protections" banks use is funny. But then, what can they
> do
> when people forget their passwords 5 minutes after they set them or use the
> same password on facebook and their bank...
They could use the same system that all banks
On Monday 19 of December 2011 10:36:33 Jerome Baum wrote:
> On 2011-12-19 10:31, Jerome Baum wrote:
> > My understanding is that name + DoB + place of birth together are
> > unique. Sometimes. In theory.
>
> Oh but that doesn't mean we should all add our DoB to our UIDs now.
> Remember that your Do
keys?
Granted, this is a nice problem to have! :)
2. Could a malicious or anti-freedom oriented entity use this to
disrupt the FBX network, for example by using a botnet to keep
spamming key servers, similar to email spam botnets.
CC: FBX mail list
>
> --dkg
>
>
&g
On 2011-12-19 10:31, Jerome Baum wrote:
> My understanding is that name + DoB + place of birth together are
> unique. Sometimes. In theory.
Oh but that doesn't mean we should all add our DoB to our UIDs now.
Remember that your DoB is actually secret and only your credit card
company is meant to kn
On 2011-12-18 23:40, MFPA wrote:
>> So are
>> certification policies that say (or don't say but
>> enforce anyway) that you must have an email on your
>> UID. Why refuse to certify _less_ information?
>
> Why indeed. My government won't issue a passport that doesn't include
> my date of birth. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Sunday 18 December 2011 at 12:06:22 PM, in
, Werner Koch wrote:
> An interesting way to spam key owners. Not a big deal,
> it is easy to add a procmail rule to send them to the
> bit bucket.
I'd not considered the scenari
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 17 December 2011 at 4:58:28 PM, in
, Jerome Baum wrote:
> On 2011-12-17 17:04, MFPA wrote:
>> On Saturday 17 December 2011 at 3:25:56 PM, in
>> , Jerome Baum wrote:
>>> I doubt the validity of those automated checks and
>>> checks
On Sat, 17 Dec 2011 17:15, expires2...@ymail.com said:
> A key's UIDs don't *have to* contain email addresses. But in the case
> where they do, a verification email would be a useful addition. But
An interesting way to spam key owners. Not a big deal, it is easy to
add a procm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 16 December 2011 at 3:51:34 PM, in
, gn...@lists.grepular.com
wrote:
> I understand that once you've uploaded something to the
> keyservers, it can't be removed. Eg, if I sign someone
> elses key and upload that, it will be attached
On 2011-12-17 17:04, MFPA wrote:
> On Saturday 17 December 2011 at 3:25:56 PM, in
> , Jerome Baum wrote:
>> I doubt the validity of those automated checks and
>> checks on the email anyway. What constitutes "owning"
>> f...@example.com?
>
> As far as that server's checking is concerned, being able
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 17 December 2011 at 4:34:23 PM, in
, Jerome Baum wrote:
> On 2011-12-17 16:42, Aaron Toponce wrote:
>> I guess Anonymous or LULZ Security, or the like, could do it out of sheer
>> entertainment, but it would die quickly, as the eff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 16 December 2011 at 5:50:53 PM, in
, Daniel Kahn Gillmor wrote:
> well, there's the JBARSE key, which i vaguely recall
> having been created in a joking way to threaten
> character assassination, but i can't find any keys that
> it h
On 2011-12-17 17:15, MFPA wrote:
> Since you don't log into a keyserver when you post, and keyservers
> store data but do not perform cryptographic functions, this is pretty
> much inevitable. The "keyserver-no-modify" flag could, in theory,
> carry with it a requirement that modifications to a key
On 2011-12-17 16:42, Aaron Toponce wrote:
> I guess Anonymous or LULZ Security, or the like, could do it out of sheer
> entertainment, but it would die quickly, as the effort in maintaining the
> noise outweighs the benefit of annoying users by several orders of
> magnitude.
I think the point was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 17 December 2011 at 1:23:18 PM, in
, gn...@lists.grepular.com
wrote:
> I find it strange that the keyservers don't do any sort
> of email validation before accepting key submissions
A key's UIDs don't *have to* contain email addre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 17 December 2011 at 3:25:56 PM, in
, Jerome Baum wrote:
> I doubt the validity of those automated checks and
> checks on the email anyway. What constitutes "owning"
> f...@example.com?
As far as that server's checking is concerned
On Dec 17, 2011, at 10:25 AM, Jerome Baum wrote:
> On 2011-12-17 16:17, David Shaw wrote:
>> It's an interesting server, with different semantics than the
>> traditional keyserver net that we were talking about earlier. Most
>> significantly, it emails the keyholder (at the address on the key)
>>
d then
> signing every key they can find and uploading that to the keyservers?
>
> Has anything like this happened before?
For spam to be truly effective, there needs to be a reward. Littering the
keyservers with bogus keys and signatures, at its current state, wouldn't
provide the d
On 2011-12-17 16:17, David Shaw wrote:
> It's an interesting server, with different semantics than the
> traditional keyserver net that we were talking about earlier. Most
> significantly, it emails the keyholder (at the address on the key)
> before accepting the key into the server. It also sign
On Dec 17, 2011, at 8:23 AM, gn...@lists.grepular.com wrote:
> On 16/12/11 19:07, ved...@nym.hush.com wrote:
>
>> What if keyservers were to limit the amount of keys generated or
>> uploaded to a 'reasonable' amount which no 'real' user would
>> exceed?
>>
>> (i.e. 10/day, or some other number
I have uploaded my key to a keyserver at pgp.com: upload a key to their
keyserver requires a verification by e-mail. Every id (e-mailaddress) in
your key receives an e-mail. Respond to one of those e-mails (clicking
link) to verify you issued the key replacement. But when (one of) your
e-mail accou
On 17/12/11 13:33, Jerome Baum wrote:
>> I find it strange that the keyservers don't do any sort of email
>> validation before accepting key submissions and that they just allow
>> anyone to upload signatures for your key without verifying if you want
>> to allow them first.
>
> What about keys w
On 2011-12-17 14:58, gn...@lists.grepular.com wrote:
> So you agree that there is a point where putting security measures in
> place is a good idea. Where you disagree with me, is you think it is
> unlikely that the keyservers will be abused in this manner in the near
> future.
>
> I guess neither
On 2011-12-17 14:54, gn...@lists.grepular.com wrote:
>> What about keys without an email in the UID?
>
> For the first issue regarding uploading keys, you wouldn't be able to do
> email validation on a key that doesn't have an email address in the UID.
> At the same time, for those keys, you would
On 17/12/11 14:58, gn...@lists.grepular.com wrote:
> It would only take one troll.
Yet, so far so good (in general). And the infrastructure has existed for quite
some years already.
OpenPGP might never become popular enough to attract childish people to the
keyserver network :). I certainly hope
On 17/12/11 14:23, gn...@lists.grepular.com wrote:
> I find it strange that the keyservers don't do any sort of email
> validation before accepting key submissions and that they just allow
> anyone to upload signatures for your key without verifying if you want
> to allow them first.
The key prope
On 17/12/11 13:40, Jerome Baum wrote:
>> The system can be easily abused, therefore it will be abused. It's just
>> a matter of time. How much time, depends on if/when PGP becomes more
>> popular. It doesn't strike me as unreasonable to want to put defences in
>> place before an attack begins.
>
On 2011-12-17 14:29, gn...@lists.grepular.com wrote:
> The system can be easily abused, therefore it will be abused. It's just
> a matter of time. How much time, depends on if/when PGP becomes more
> popular. It doesn't strike me as unreasonable to want to put defences in
> place before an attack b
On 2011-12-17 14:23, gn...@lists.grepular.com wrote:
> I find it strange that the keyservers don't do any sort of email
> validation before accepting key submissions and that they just allow
> anyone to upload signatures for your key without verifying if you want
> to allow them first.
What about
eed upon by the
>> various keyservers?)
>
> What problem are we solving? Keyserver spam isn't an issue yet. We don't
> know if it will ever be.
The system can be easily abused, therefore it will be abused. It's just
a matter of time. How much time, depends on if/wh
On 16/12/11 19:07, ved...@nym.hush.com wrote:
> What if keyservers were to limit the amount of keys generated or
> uploaded to a 'reasonable' amount which no 'real' user would
> exceed?
>
> (i.e. 10/day, or some other number discussed and agreed upon by the
> various keyservers?)
You could st
y the
> various keyservers?)
What problem are we solving? Keyserver spam isn't an issue yet. We don't
know if it will ever be.
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.2
What if keyservers were to limit the amount of keys generated or
uploaded to a 'reasonable' amount which no 'real' user would
exceed?
(i.e. 10/day, or some other number discussed and agreed upon by the
various keyservers?)
vedaal
___
Gnupg-users m
On 16-12-2011 16:51, gn...@lists.grepular.com wrote:
> I understand that once you've uploaded something to the keyservers, it
> can't be removed. Eg, if I sign someone elses key and upload that, it
> will be attached to their key permanently?
Yes. Of course, you can remove it locally.
> What if
On Dec 16, 2011, at 10:51 AM, gn...@lists.grepular.com wrote:
> I understand that once you've uploaded something to the keyservers, it
> can't be removed. Eg, if I sign someone elses key and upload that, it
> will be attached to their key permanently?
Essentially, yes. Things are theoretically r
On 12/16/2011 10:51 AM, gn...@lists.grepular.com wrote:
> I understand that once you've uploaded something to the keyservers, it
> can't be removed. Eg, if I sign someone elses key and upload that, it
> will be attached to their key permanently?
yes, this is correct. :(
> What if someone were to
I understand that once you've uploaded something to the keyservers, it
can't be removed. Eg, if I sign someone elses key and upload that, it
will be attached to their key permanently?
What if someone were to generate say, 10,000 keypairs with "offensive"
uid names, and then sign my key with each o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 26 October 2010 at 3:04:51 PM, in
, Tiago Faria wrote:
> On Tue, 26 Oct 2010 13:11:33 +
> loadanden...@hotmail.com wrote:
>> Is this an automated machine. I have requested to be
>> off the list many times now. Please let me kno
On Tue, 26 Oct 2010 13:11:33 +
loadanden...@hotmail.com wrote:
> Is this an automated machine. I have requested to be off the list
> many times now. Please let me know if I am writing to rhe ryhg,
> regards Sent on the Sprint® Now Network from my BlackBerry®
> _
Is this an automated machine. I have requested to be off the list many times
now. Please let me know if I am writing to rhe ryhg, regards
Sent on the Sprint® Now Network from my BlackBerry®
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.
> Interestingly enough, the first email I read this morning had a link to
> this:
>
>
http://tech.slashdot.org/story/10/06/12/2339209/Google-Tells-Congress-It-Disclosed-Wi-Fi-Sniffing
>
> And that is just the tip of the ice burg.
>
> --
> Jerry
OMG!! Google is stealing and archiving pictures of m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 12 Jun 2010 07:58:19 -0500
Sonja Michelle Lina Thomas articulated:
> > I would not trust Google with your data, far less mine. They have
> > all ready been accused of illegally pilfering through user data and
> > mining for user wireless info
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 12 June 2010 at 12:37:08 PM, in
, Jerry wrote:
> I would not trust Google with your data, far less mine.
The problem is that you never know if your contact will forward things
to a google account...
- --
Best regards
MFPA
charm.
http://lifehacker.com/66/how-to-use-gmail-as-your-smtp-server
Give them a try. Gmail is free and it can be a good account to pass to
sites that you feel may be spam generators. Gmail has web/pop/imap
access and has fairly decent spam filters.
I would not trust Google with your data
On Sat, 12 Jun 2010 08:39:00 -0400
Jean-David Beyer articulated:
> Yes, I did. They will not accept anything from my MTA even when I use
> the smarthost feature. I can use either their web site server (that I
> detest) or Firefox, but they will not allow sendmail even with
> smarthost.
Please
like a
>> charm.
>
>> http://lifehacker.com/66/how-to-use-gmail-as-your-smtp-server
>
>> Give them a try. Gmail is free and it can be a good account to pass to
>> sites that you feel may be spam generators. Gmail has web/pop/imap
>> access and has fairly decen
ault SMTP server for all of them. Works like a
> charm.
>
> http://lifehacker.com/66/how-to-use-gmail-as-your-smtp-server
>
> Give them a try. Gmail is free and it can be a good account to pass to
> sites that you feel may be spam generators. Gmail has web/pop/imap
> acc
-gmail-as-your-smtp-server
Give them a try. Gmail is free and it can be a good account to pass to
sites that you feel may be spam generators. Gmail has web/pop/imap
access and has fairly decent spam filters.
___
Sonja Michelle Lina Thomas
sonjamiche
er in Canada. She has no trouble sending e-mail to
her sister in France.
Someone in France does seem to be blocking Verizon. At least, they are
blocking me, and I cannot imagine it is just me.
In any case, a very large percentage of SPAM originates from
dynamic IPs, which is why I routinely
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 11 June 2010 at 2:34:44 PM, in
, Mark H. Wood wrote:
> If there is such an RFC, it's rubbish;
I think there is no such RFC, just an assertion from a messaging
industry lobbying group that it's the "best" practice to block mail
from
Unless you have relatively high bandwidth
requirements there is no point. It is *definitely* not worth the
expense just just to avoid an occasional over-zealous mailserver admin
spuriously binning one of your perfectly valid email messages. Even if
you are hosting a website or an incoming mail server
76.185.38.113 is listed in the PBL
Mailservers using this blocklist would probably block mail from you.
Obtaining a static IP is easily done so I don't know why someone would
want to risk using a dynamic IP. In any case, a very large percentage
of SPAM originates from dynamic IPs, which is why I routi
et compared to the other spam i receive; i'm not concerned about it.
> Not to mention that the bother of a couple of extra
> spams is completely dwarfed by the benefit of having
> the public keyserver network.
This is true, but it would be perfectly feasible to have a working
network o
Mark H. Wood wrote:
> On Thu, Jun 10, 2010 at 05:57:50PM +0200, Joke de Buhr wrote:
>> You do not sacrifice legitimate incoming mail because there is an RFC that
>> clearly states mailservers do not operate from dynamic IP addresses.
>> Therefore
>> they can not be considered valid.
>
> If ther
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 10 June 2010 at 4:39:46 PM, in
, Hauke Laging
wrote:
> But that is the wrong argument. The correct argument is
> about the key server share of spam in a world in which
> nearly everyone has a public key. Of course, in tha
On Thu, Jun 10, 2010 at 05:57:50PM +0200, Joke de Buhr wrote:
> You do not sacrifice legitimate incoming mail because there is an RFC that
> clearly states mailservers do not operate from dynamic IP addresses.
> Therefore
> they can not be considered valid.
If there is such an RFC, it's rubbish
On Fri, 11 Jun 2010 09:15:56 +0200
Werner Koch articulated:
> On Fri, 11 Jun 2010 02:16, expires2...@ymail.com said:
>
> > delete them if they don't. Or one message to everybody with a
> > customised subject line for each. Alternatively, those of us who are
>
> That is a good idea. I was think
On Fri, 11 Jun 2010 02:16, expires2...@ymail.com said:
> delete them if they don't. Or one message to everybody with a
> customised subject line for each. Alternatively, those of us who are
That is a good idea. I was thinking of bisecting the mailing list to
make sure that test mails receive the
On 6/10/2010 8:16 PM, MFPA wrote:
> Whenever I post to this list these days I get one of their
> auto-replies, and they always spoof the from address to whatever I had
> in the "to" field of my message to the list.
[lots of discussion deleted]
I think it's safe to say the list moderators are now
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 10 June 2010 at 6:04:37 PM, in
, Hauke Laging
wrote:
> Am Donnerstag 10 Juni 2010 18:39:25 schrieb Jameson
> Rollins:
>> Speaking of spam, I'm getting more spam from some sort of automated
>> ticketing
also begs the question how to define "a dynamic IP" in a manner worthy of an
RFC wanting to be a standard, which was one of the reasons I wanted to find the
RFC you mention.
Meanwhile, in the real world, people do not always comply to all RFC's. If you
define "legitimate mail&quo
Am Donnerstag 10 Juni 2010 18:39:25 schrieb Jameson Rollins:
> Speaking of spam, I'm getting more spam from some sort of automated
> ticketing system that seems to be subscribed to this list that I ever
> have from a keyserver. The mail seems to come from:
>
> secure.mpcust
Speaking of spam, I'm getting more spam from some sort of automated
ticketing system that seems to be subscribed to this list that I ever
have from a keyserver. The mail seems to come from:
secure.mpcustomer.com
and it often sets the From: to be from someone else. This is totally
uncool
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 10 June 2010 at 4:57:50 PM, in
, Joke de Buhr wrote:
> One of the addresses of my key is totally unprotected
> against spam. Nothing is blocked or scanned there. And
> it doesn't get any spam at all.
Fair enough.
On 06/10/2010 11:57 AM, Joke de Buhr wrote:
> You do not sacrifice legitimate incoming mail because there is an RFC that
> clearly states mailservers do not operate from dynamic IP addresses.
> Therefore
> they can not be considered valid.
Please cite this RFC. All IP addresses are "dynamic" i
On Thu, 10 Jun 2010 11:32:05 -0400, Daniel Kahn Gillmor
wrote:
> And i should probably add that it is indeed an infinitesimal drop in the
> bucket compared to the other spam i receive; i'm not concerned about it.
Not to mention that the bother of a couple of extra spams is completely
On Thursday 10 June 2010 17:29:18 MFPA wrote:
> Hi
>
>
> On Thursday 10 June 2010 at 3:35:34 PM, in
>
> , Joke de Buhr wrote:
> > I've never gotten any keyserver related spam so far and
> > my public keys with a valid mail address were published
> > y
Am Donnerstag 10 Juni 2010 16:00:18 schrieb David Shaw:
> Periodically there is a discussion on this list about whether having your
> key on a keyserver will result in more spam. My feeling on this is that
> you might get more spam, but it's a drop in the bucket compared t
Hi Joke--
On 06/10/2010 11:22 AM, Joke de Buhr wrote:
> I never said this particular spam message was not caused by someone scanning
> the keyserver. I only stated it isn't that common and never happened to me.
>
> The chance someone harvesting your email address through k
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 10 June 2010 at 3:35:34 PM, in
, Joke de Buhr wrote:
> I've never gotten any keyserver related spam so far and
> my public keys with a valid mail address were published
> year ago.
In order to *know* you have neve
I never said this particular spam message was not caused by someone scanning
the keyserver. I only stated it isn't that common and never happened to me.
The chance someone harvesting your email address through keyserver scanning is
less common than harvesting archives of mailing
> On Thursday 10 June 2010 16:00:18 David Shaw wrote:
>> Hi everyone,
>>
>> Periodically there is a discussion on this list about whether having your
>> key on a keyserver will result in more spam. My feeling on this is that
>> you might get more spam, but it&#
I've never gotten any keyserver related spam so far and my public keys with a
valid mail address were published year ago.
I think it's more likely you will get spam because you are posting to a
mailing list which does have a html archive (liks this one).
If you want to get rid of
Hi everyone,
Periodically there is a discussion on this list about whether having your key
on a keyserver will result in more spam. My feeling on this is that you might
get more spam, but it's a drop in the bucket compared to the usual onslaught
that streams in daily.
That being said, I
Hauke Laging wrote:
> Maybe. But I would not call it science that you imply that harvesting
> from key servers will result in about the same amount of spam as pure
> address guessing by the spammers would.
Estimating how many email addresses are released to spammers via the
keyservers i
rvers are being targeted specifically. For most people, the
benefits of having an email address on your key outweigh the minor
risk of getting a few extra pieces of spam.
3) How to add a "principal" uid to a key ?
I had removed the principal UID because I wanted to modify the
fir
John W. Moore III wrote:
> If You're certain the Key has _not_ been disseminated anywhere & there
> is nothing encrypted to it that You may wish to recover if/when the
> passphrase is 'remembered' then just delete it.
I think the OP was looking for "gpg --delete-key" and "gpg
--delete-private-key"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Raphaël Maville wrote:
> 1) How to delete an unpublished GnuPG key from a computer when the
> Passphrase and the Revoke file are lost ?
> This key was create without revoke file. It was not published at all on
> internet or to my friends.
If You're
1) How to delete an unpublished GnuPG key from a computer when the
Passphrase and the Revoke file are lost ?
This key was create without revoke file. It was not published at all on
internet or to my friends.
2) How to avoid spaming to my mail boxes, is it better to do not mention
it on a gnuPG key
bably technically possible, however, if it is useful or not
would be another question...
--
Hideki Saito
Hi,
I'm receiving a lot of spam in my old email account...
I'm even receiving emails with my own old email as sender!! :-(
Is it a way to tell the sysadmin of this email provider to ad
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I'm receiving a lot of spam in my old email account...
I'm even receiving emails with my own old email as sender!! :-(
Is it a way to tell the sysadmin of this email provider to add some kind
of scripts for automatic sign all th
Hi!
Quite some tima ago a have seen Spams with a (obviously bogus) "---BEGIN
PGP SIGNATURE---" + garbage part at the end of the mails.
This might have had negative influence on some Bayesian databases.
Apart from creating a special Spamassassin module which actually
verifies incoming emails, I
> are valid on my keyring or one that would be considered trustworthy by
> > means of the web-of-trust.
>
> Why not just take some signed content from a key in the strong set,
> like this message, and add some unsigned spam to it? It would be
> a great way to ruin keys by makin
You advocate a
(x) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it
won't work. (One or more of the following may apply to your particular
idea, and it may have other flaws which used to vary from state to
state bef
means of the web-of-trust.
Why not just take some signed content from a key in the strong set,
like this message, and add some unsigned spam to it? It would be
a great way to ruin keys by making them "spam-keys."
> Maintaining a dedicated database of "spam-keys" that had b
Ryan Malayter wrote:
> Why wouldn't you set up a test lab with the Microsoft products as
> well?
It's a hypothetical. There do exist vendors that are infamously stingy
with evaluation versions and heavily rely on "trust us".
___
Gnupg-users mailing l
On 10/18/07, Robert J. Hansen <[EMAIL PROTECTED]> wrote:
> With proprietary software, you're mostly stuck relying on your vendor
> for information. Compare "Microsoft says that IIS will scale up to our
> server load with our current server configuration" to "the Apache
> Foundation isn't making an
reynt0 wrote:
> Are there refined answers available to the question
Yes.
When giving a software evaluation, you always specify sources and
methods. Each and every assertion needs a source and a method: who is
your source, and how does your source know this?
With proprietary software, you're mos
On Wed, 17 Oct 2007, Robert J. Hansen wrote:
. . .
> For a look at the problems in the University of Iowa student government
> elections, take a look at:
>
> http://cs.uiowa.edu/~rjhansen/UISG.pdf
>
> After delivering this report to Student Government, their response was
> to bury it, never
On Tue, 16 Oct 2007, Robert J. Hansen wrote:
. . .
> Vote-from-home over the internet is probably going to happen sooner or
> later in some jurisdiction, if only because it is possible for a vendor
. . .
IIRC there was a Technische Universitaet or similar in
Austria a while ago that was going
1 - 100 of 122 matches
Mail list logo
