Anonymous Servers - what DSA features for panta-nym key?

Author

what DSA features for panta-nym key?

TwistyCreek

2006-07-06, 7:12 pm

When creating a key for a new nym at pantanym, what type key is best to
use? assume gpg 1.4.4 being used to create ( IDEA module is available)

asking because I've had several now that panta rejected because of not
liking the way it was self-signed.

Thomas J. Boschloo

2006-07-06, 7:12 pm

-----BEGIN PGP SIGNED MESSAGE-----

TwistyCreek schreef:
> When creating a key for a new nym at pantanym, what type key is best to
> use? assume gpg 1.4.4 being used to create ( IDEA module is available)
>
> asking because I've had several now that panta rejected because of not
> liking the way it was self-signed.

It is probably easiest to generate your RSA nym keys with PGP 2.6.2 or
2.6.3i www.pgpi.org If you can figure out gpg, pgp2 cannot be that
hard ;-D

pgp -kg 1024
pgp -kxa .. .. secring.pgp

And then import the secret (and public) key into gpg

hi,
Thomas
- --
"When paranoia is outlawed .."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQB5AwUBRK1+uQEP2l8iXKAJAQFQ2wMcCDO+ZI1j
gOnVYv6iRgRdEK3oU58n7BuQ
d9Hft9cFbXW0Z6zeOlfgJQ5WG4r3CRwkupwy6jCH
0eG0YhWF525tNRhX7hIzP5Hh
RAT7tVf5lyvvfb9N2Kts3wBs6XHVtx4PdRMWiA==

=c+A4
-----END PGP SIGNATURE-----

TwistyCreek

2006-07-06, 7:12 pm

On Thu, 06 Jul 2006 23:20:57 +0200
"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> TwistyCreek schreef:
>
> It is probably easiest to generate your RSA nym keys with PGP 2.6.2 or 2.6.3i
> www.pgpi.org If you can figure out gpg, pgp2 cannot be that hard ;-D
>
Oh don't be ridiculous Tommy: using PGP 2.x is a daft idea. GnuPG makes
perfectly good keys (RSA or DSA) for panta nyms, and they will be compatible
with other remailers / users. Throw php 2.x on the bin where it belongs... ;-)

TwistyCreek

2006-07-07, 1:12 am

TwistyCreek <anon@comments.header> wrote:

> On Thu, 06 Jul 2006 23:20:57 +0200
> "Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
> Oh don't be ridiculous Tommy: using PGP 2.x is a daft idea. GnuPG makes
> perfectly good keys (RSA or DSA) for panta nyms, and they will be compatible
> with other remailers / users. Throw php 2.x on the bin where it belongs... ;-)

Besides, I specifically said "assume gpg 1.4.4 being used to create" as
is quoted above from my OP

what I did:

gpg --gen-key

selected defaults for key type and no expiration
entered name, email address, left 'comment' field blank.

gpg churns, creates key, reports it's done and key is signed and set to
ultimate trust.

I use that key to create nym creation msg for pantanym using
instructions posted this group by 'baal'

instead of confirmation msg I get note about signature not being able to
be verified with public key enclosed in create msg

I deleted that key and am going to try this again with a new key.

Anonymous via the Cypherpunks Tonga Remailer

2006-07-07, 1:12 am

"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> TwistyCreek schreef:
>
> It is probably easiest to generate your RSA nym keys with PGP 2.6.2 or
> 2.6.3i www.pgpi.org If you can figure out gpg, pgp2 cannot be that
> hard ;-D
>
> pgp -kg 1024
> pgp -kxa .. .. secring.pgp
>
> And then import the secret (and public) key into gpg

please re-read the subject line.

my question is about DSA keys not RSA, I don't use RSA keys, EVER

panta-admin

2006-07-07, 7:14 am

-----BEGIN PGP SIGNED MESSAGE-----

Hi !

Could you please send your original nym-creation request to save at
nym.panta-rhei.eu.org

It will be stored so I can investigate.

Cheers,
panta-admin

On 6 Jul 2006, TwistyCreek <anon@comments.header> wrote:
>When creating a key for a new nym at pantanym, what type key is best to
>use? assume gpg 1.4.4 being used to create ( IDEA module is available)
>
>asking because I've had several now that panta rejected because of not
>liking the way it was self-signed.

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/AwUBRK4BM9crLUqmoDLIEQKcUwCgzI/4xtxRfsZQWS1OE6SNJJetn8sAn3lo
gnXkmk0dr2YTe4fARkqVaFxe
=uuFB
-----END PGP SIGNATURE-----

~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.

admin

2006-07-07, 1:14 pm

-----BEGIN PGP SIGNED MESSAGE-----

sent mail to your admin today 12.04.

admin at 4096.net
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8ckt http://www.ipgpp.com/

iQEVAwUBRK5aAgB5Q7QepRRPAQFroAf/a78+q8brssMU8lboUEPhJPZ97pkC1TqV
jZypxThF111RdpwdDOblZnZvW9tWlsEgua7FyjLe
izeaytBj1ZTcUbrf7O+ihN5N
1fzw/ 9JnB+g4DZKCuX5q2v8EJXGajhY80fQQ5SfbKRugr
VmsjmNT9NMpCdOuJqAd
YkZVOseooO+9NHjx7ZeMCdj2bSQXhSBBXTGiTDRx
GfGqZouM6XNdR8DN+cfQ+Grx
Xz+WI3qai8sbRyp/ wKJ145O7q7xwOl+8zhnhAIjWdI19H8SVU6OuPEum
b6QPo3iY
pzQ/ znQQ6TDMre2TMfI5Qz1uj8ovLMaJQqteuhDRd3tD
bHZNAOnG7Q==
=tkik
-----END PGP SIGNATURE-----

panta-admin schrieb:

> Could you please send your original nym-creation request to save at
> nym.panta-rhei.eu.org
>
> It will be stored so I can investigate.
>
> Cheers,
> panta-admin
>
>
> On 6 Jul 2006, TwistyCreek <anon@comments.header> wrote:
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: N/A
>
> iQA/AwUBRK4BM9crLUqmoDLIEQKcUwCgzI/4xtxRfsZQWS1OE6SNJJetn8sAn3lo
> gnXkmk0dr2YTe4fARkqVaFxe
> =uuFB
> -----END PGP SIGNATURE-----
>
> ~~~~~~~~~~~~~~~~~~~~~
> This message was posted via one or more anonymous remailing services.
> The original sender is unknown. Any address shown in the From header
> is unverified. You need a valid hashcash token to post to groups other
> than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
> for abuse and hashcash info.

Thomas J. Boschloo

2006-07-08, 7:11 pm

-----BEGIN PGP SIGNED MESSAGE-----

TwistyCreek schreef:
[snip]
> Oh don't be ridiculous Tommy: using PGP 2.x is a daft idea. GnuPG makes
> perfectly good keys (RSA or DSA) for panta nyms, and they will be compatible
> with other remailers / users. Throw php 2.x on the bin where it belongs... ;-)

And PGP 2.x doesn't create perfectly good RSA keys you think?

btw, DH/DSS textually looks far less like RSA and can also do the
encryption (if you use cryptrecv+)

And DH/DSS can use 3DES or AES so IDEA is irrelevant for this question.
The whole reason for DH/DSS keys to exist is to avoid the patents in RSA
and IDEA. There is nothing else wrong with the two.

Regs,
Thomas
- --
"When paranoia is outlawed .."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQB5AwUBRLAdPwEP2l8iXKAJAQFWNQMaA6LgskL5
8Kpg/W8ZqzUw5HuqZKApE6yO
o77E68dHaGvgOyzbpGwubfTNiAwIBWVsM61p61HP
o34pTA46xV1sZ2V9lPcONWjX
amGt18b9QeGzJRPU5kRpzhuXejNy++Q/6bS3BQ==
=Kq9G
-----END PGP SIGNATURE-----

Nomen Nescio

2006-07-09, 1:12 am

"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> TwistyCreek schreef:
> [snip]
>
> And PGP 2.x doesn't create perfectly good RSA keys you think?
>
> btw, DH/DSS textually looks far less like RSA and can also do the
> encryption (if you use cryptrecv+)
>
> And DH/DSS can use 3DES or AES so IDEA is irrelevant for this question.
> The whole reason for DH/DSS keys to exist is to avoid the patents in RSA
> and IDEA. There is nothing else wrong with the two.
>

No, there's nothing wrong with RSA or pgp 2.x except the fact that I
specifically said in my OP that I was using gpg 1.4.4 and DSA keys and
you come along talkign about pgp 2.x. Well, I'm not running a dos /
windows machine and I couldn't use pgp 2.x if I had it. This would be
why I specificaly stated gpg 1.4.4 and DSA keys

panta-admin

2006-07-09, 7:13 am

-----BEGIN PGP SIGNED MESSAGE-----

Hi !

>I'll do that right away. meantime, here's the error message I just got
>from my last try:
>
>
>
>The key in question was created with gpg 1.4.4, using all default values
>for everything except the user id and email address. To insure nothing
>in gpg.conf was interfering, I renamed it so that gpg would not use it.

There seems to be a problem with your encryption. I get an error about
missing mdc packet protection.

>gpg: WARNING: message was not integrity protected

This should not happen. Google for it.
I am not sure how you did the encryption, but you could try to give gpg the
- --force-mdc option when you encrypt your message to the panta-rhei
nymserver key.

Hope this helps, try again, if it still does not work let me know and I
will investigate further.

Cheers,
panta-admin

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/ AwUBRLCYUtcrLUqmoDLIEQI+WgCeKKXLT3rZi3iI
/KswGJ12VnwK/zwAnRxo
QtMi1BuBhPAr7xGRqqb2DxFK
=41OY
-----END PGP SIGNATURE-----

~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.

Thomas J. Boschloo

2006-07-09, 7:13 am

-----BEGIN PGP SIGNED MESSAGE-----

Nomen Nescio schreef:
[snip]
> No, there's nothing wrong with RSA or pgp 2.x except the fact that I
> specifically said in my OP that I was using gpg 1.4.4 and DSA keys and
> you come along talkign about pgp 2.x. Well, I'm not running a dos /
> windows machine and I couldn't use pgp 2.x if I had it. This would be
> why I specificaly stated gpg 1.4.4 and DSA keys

ftp://ftp.no.pgpi.org/pub/security/pgp/2.x/
http://www.pgpi.org/products/pgp/ve...re/unix/2.6.3i/

?
Thomas
- --
"When paranoia is outlawed .."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQB5AwUBRLDs4AEP2l8iXKAJAQF+RAMfZMuUWwT9
+/dm574pUUKbeDyue1Lg1ZO4
HzZYMQpO90yKYMEFnA5VBXJ9fQrmzG2D3WBKD18R
ghb7hdlNxuQFOA71i+DSfQ3v
agschLiX5+TxqVdf9CsSb4SHT4JbDbj0OR0ZDg==

=TYBa
-----END PGP SIGNATURE-----