|
Home > Archive > Anonymous Servers > May 2006 > Nym creation with PGP 9?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Nym creation with PGP 9?
|
|
| Bonacci 2006-05-20, 7:12 pm |
| Can anyone tell me if nym.alias.net, or panta-rhei can create a nym if I've created my PGP key with PGP 9?
I've created many a nym, hand-rolled, without problem. Now nothing seems to be working, and the only think I can think of is my PGP version.
Thanks.
Leo B.
| |
| Stray Cat 2006-05-21, 7:12 pm |
| nym.alias.net works only with RSA keys and IDEA encrypted messages. You
don't say what type of key and message format you are using, but if it
isn't RSA/IDEA it can't work with nym.alias.net.
| |
| leo.bonacci@yahoo.com 2006-05-22, 1:12 am |
| Thanks Stray Cat. IDEA is the only cipher that's not set by default in
the creation GUI. Bastards. I'll try it again.
| |
| Nomen Nescio 2006-05-22, 1:12 am |
| In article <1148238507.006137.162540@i39g2000cwa.googlegroups.com>
"Stray Cat" <Fgenl_Png@yahoo.com> wrote:
>
> nym.alias.net works only with RSA keys and IDEA encrypted messages. You
> don't say what type of key and message format you are using, but if it
> isn't RSA/IDEA it can't work with nym.alias.net.
No mention of nym.alias.net should go by without notice that it is
totally unreliable and more important, they have never changed their
PGP key over the many years of it's existence and the multitude of
students that have been assigned to maintain it. There is also no
reason to believe they would not cooperate with the NSA or whatever,
if asked. Back in the late 90's they weren't even sure they should be
in the remailer business at all...
| |
|
| On Mon, 22 May 2006 06:40:15 +0200 (CEST), Nomen Nescio wrote in
Message-Id: <45e6ce2527a6c810be5fa2f31c1e2617@dizum.com>:
> No mention of nym.alias.net should go by without notice that it is
> totally unreliable and more important, they have never changed their
> PGP key over the many years of it's existence and the multitude of
> students that have been assigned to maintain it. There is also no
> reason to believe they would not cooperate with the NSA or whatever,
> if asked. Back in the late 90's they weren't even sure they should be
> in the remailer business at all...
Just thinking aloud; what would be the impact to a Type-I nym if the
server key was totally compromised? I'm not convinced that it would
make a great deal of difference, although I can't profess to be an
expert in these things. 
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
|
| On Sun, 21 May 2006 12:08:27 -0700, Stray Cat wrote:
> nym.alias.net works only with RSA keys and IDEA encrypted messages. You
> don't say what type of key and message format you are using, but if it
> isn't RSA/IDEA it can't work with nym.alias.net.
Unless I am in error, is there not also a problem with key formats?
I believe the original PGP 2.6.x used RSA v3 keys, while the later
PGP 5.x and later use RSA v4 keys. The newer format keys may cause the
nym.alias.net nymserver to choke.
Also, there is no support for hashes other than MD5.
Better off to go with nym.panta-rhei.eu.org.
Baal <Baal@nym.panta-rhei.eu.org.>
| |
| Nomen Nescio 2006-05-22, 7:12 pm |
|
On 22 May 2006 10:20:53 +0000 (UTC), Zax <fleegle@bananasplit.info> wrote:
> Just thinking aloud; what would be the impact to a Type-I nym if the
> server key was totally compromised? I'm not convinced that it would
> make a great deal of difference, although I can't profess to be an
> expert in these things.
With the assistance of scumbag korporations like AT&T (who have clearly
proven their willingness to ignore customer privacy rights), snoops (govt.
or otherwise) could eavesdrop on communications. The snooper could see
that user@nym was sending to abc@xyz.com as well as what was being said.
Snoopers could also forge messages from user@nym. If the user wasn't
sending via a remailer, their true identity could also be obtained.
It's very bad to compromise the server key. Yes, users can take steps to
minimize the damage from a nym server key compromise, but that's not the
point. If users have to go that far, they may as well just use the
remailer network and provide reply blocks to recipients. The nym
server was meant to simplify the process in a secure fashion.
I'm grateful for the MIT nym, but I wish they would expend 5 minutes to
rekey.
|
|
|
|
|