headers
andrewmuck | 3 Apr 2010 14:24
Picon
Picon

pgp / gpg based financial transactions

I have been working on a proof of concept public key transaction processor.

Testing by myself seems to show it working, but would be nice to have other people try to break it.

A description of the system is at http://pktp.co.cc

But briefly it operates by transferring metal from one key to another.  Submit your key and try a balance
request.  A private/public key pair with some metal balance is available to take and transfer for testing.

The test server is at http://fincryp.no-ip.info but not always up.

Source code is at http://drop.io/andrewmuck

This may not seem useful for everyone but if it is remotely interesting your testing would be appreciated.

If you seemed to follow the transaction format, but got some odd error then you probably found a bug and I
would be eternally grateful!

    cya,    Andrew...

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           https://www.gswot.orgYahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/PGP-Basics/
(Continue reading)

Permalink | Reply | 2 comments |
headers
John Clizbe | 4 Apr 2010 00:50
Picon
Gravatar

Re: pgp / gpg based financial transactions


andrewmuck wrote:
> I have been working on a proof of concept public key transaction processor.
> 
> Testing by myself seems to show it working, but would be nice to have other
people try to break it.

You may have noticed the last part of this group's name, BASICS. Asking a group
of non-cryptographers to try to break something just doesn't sound all that
great. There isn't even a decent developer contingent here to look at your idea.

Perhaps you should ask on GnuPG-Users or GnuPG-Devel?  If you're _really_
serious about this, post to the [Cryptography] list, cryptography <at> metzdowd.com

--

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys <at> gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
Permalink | Reply | 1 comment |
headers
andrewmuck | 4 Apr 2010 02:44
Picon
Picon

Re: pgp / gpg based financial transactions

No, basic is definitely my target demographic.  I am hoping it will work with the most novice of users.

   cya,    Andrew...

--- In PGP-Basics <at> yahoogroups.com, John Clizbe <jpclizbe <at> ...> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> andrewmuck wrote:
> > I have been working on a proof of concept public key transaction processor.
> > 
> > Testing by myself seems to show it working, but would be nice to have other
> people try to break it.
> 
> 
> You may have noticed the last part of this group's name, BASICS. Asking a group
> of non-cryptographers to try to break something just doesn't sound all that
> great. There isn't even a decent developer contingent here to look at your idea.
> 

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           https://www.gswot.orgYahoo! Groups Links

<*> To visit your group on the web, go to:
(Continue reading)

Permalink | Reply | 0 comments |
headers
bgillson | 30 Apr 2010 06:22

News from PGP Corp.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I thought the list might find this interesting:

Today, Symantec announced the acquisition of PGP Corp. You can find
the press release and other public information here:

http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-
EventDetails&EventId=3059174

On a personal note, I've been a part of PGP for about six years (and 
have lurked on this group for just about as long). Symantec seems to 
really understand what they have purchased and want to help grow the 
use of encryption inside and outside of big companies.

While I can't say anything outside of the publicly available 
information linked to above, this looks like a very good fit. 
Symantec's executive team has been impressive.

I realize that this list focuses more on GnuPG at this point, but I'm 
optimistic that the next year will see re-energized interest in PGP 
encryption as we start taking advantage of the resources and reach 
available to Symantec. Who knows, maybe some of them will even post 
here...

Take care everyone.

Bryan Gillson
(Continue reading)

Permalink | Reply | 7 comments |
headers
Chuck Barone | 30 Apr 2010 07:02
Picon
Favicon

Re: News from PGP Corp.

What concerns me and a few other PGP users, on a security forum I frequent, is the possibility that Symantec
could knuckle under pressure and provide a back door. If I didn't believe PGP was free of such a thing, I
wouldn't be using it right now. It's a real concern to some of us and, regardless of the nonsensical
comment, "Well, if you aren't doing anything wrong......etc," it is a worry. And, no, I don't use PGP for
any illegal activities. I just like knowing my emails, the tax info on my computer and other legal business
activities are free from scrutiny.

Chuck

----- Original Message ----
From: bgillson <bryan.gillson <at> gillson.net>
To: PGP-Basics <at> yahoogroups.com
Sent: Thu, April 29, 2010 10:22:10 PM
Subject: News from PGP Corp.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I thought the list might find this interesting:

Today, Symantec announced the acquisition of PGP Corp. You can find
the press release and other public information here:

http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-
EventDetails&EventId=3059174

On a personal note, I've been a part of PGP for about six years (and 
have lurked on this group for just about as long). Symantec seems to 
really understand what they have purchased and want to help grow the 
use of encryption inside and outside of big companies.
(Continue reading)

Permalink | Reply | 3 comments |
headers
Elwin E. M. Hennis | 30 Apr 2010 07:33
Picon

RE: News from PGP Corp.

Your concern of a back door is mine too and I hope PGP Corp and now Symantec
are listening.  I have been using PGP since the early 90's.  Having GnuPG
available is even now more important.  Isn't GnuPG able to use PGP public
keys?  But if PGP is still truly secure, the ability to use pgp with email
will be important. PGP does that now but increasing the transparency to
other platforms will be great.  I use outlook to download my email.  Using
pgp/GnuPG with outlook and my gmail account would be great.

Elwin

-----Original Message-----
From: PGP-Basics <at> yahoogroups.com [mailto:PGP-Basics <at> yahoogroups.com] On
Behalf Of Chuck Barone
Sent: Thursday, April 29, 2010 10:03 PM
To: PGP-Basics <at> yahoogroups.com
Subject: Re: News from PGP Corp.

What concerns me and a few other PGP users, on a security forum I frequent,
is the possibility that Symantec could knuckle under pressure and provide a
back door. If I didn't believe PGP was free of such a thing, I wouldn't be
using it right now. It's a real concern to some of us and, regardless of the
nonsensical comment, "Well, if you aren't doing anything wrong......etc," it
is a worry. And, no, I don't use PGP for any illegal activities. I just like
knowing my emails, the tax info on my computer and other legal business
activities are free from scrutiny.

Chuck

----- Original Message ----
From: bgillson <bryan.gillson <at> gillson.net>
(Continue reading)

Permalink | Reply | 1 comment |
headers
John Clizbe | 30 Apr 2010 07:42
Picon
Gravatar

Re: News from PGP Corp.


Elwin E. M. Hennis wrote:
> Your concern of a back door is mine too and I hope PGP Corp and now Symantec
> are listening.  I have been using PGP since the early 90's.  Having GnuPG
> available is even now more important.  Isn't GnuPG able to use PGP public
> keys?  But if PGP is still truly secure, the ability to use pgp with email
> will be important. PGP does that now but increasing the transparency to
> other platforms will be great.  I use outlook to download my email.  Using
> pgp/GnuPG with outlook and my gmail account would be great.

One may currently use GnuPG with Outlook. See the GPG4Win site.

PGP & GnuPG may be used with GMail's POP or IMAP access.  The FireGPG project
seeks to extend that to web access.
--

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys <at> gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
Permalink | Reply | 0 comments |
headers
Robert J. Hansen | 30 Apr 2010 13:04
Favicon

Re: News from PGP Corp.

On 4/30/10 12:22 AM, bgillson wrote:
> On a personal note, I've been a part of PGP for about six years (and 
> have lurked on this group for just about as long). Symantec seems to 
> really understand what they have purchased and want to help grow the 
> use of encryption inside and outside of big companies.

There is an element of comedy to it, though, you have to admit.

For years PGP Security was part of Network Associates, Inc., which also
owns McAfee Internet Security.  Network Associates dropped PGP Security,
which spun off into a separate PGP Corporation after selling a lot of
their IP to McAfee.  Now, PGP Corporation is being bought by Symantec...
McAfee's direct competitor.

It feels like the corporate version of hakuna mettata, circle of life,
whatever you want to call it.  :)

> I realize that this list focuses more on GnuPG at this point

I think there's a lot of truth to that, but it may be worthwhile to
consider why.

Good luck to PGP in the new endeavors with Symantec.  :)

[Non-text portions of this message have been removed]

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
(Continue reading)

Permalink | Reply | 1 comment |
headers
Darryl L. Rowe | 30 Apr 2010 17:44
Favicon

RE: News from PGP Corp.

> From: bgillson
...
> Today, Symantec announced the acquisition of PGP Corp. You can find

Symantec = <bloatware>

From around 1996 - 2002 (and in some cases through 2006) I recommended and
used Symantec/Norton products. They kept getting bigger and more
resource-intensive. System Works (or whatever) hosed my system  in '02 and I
stopped using it, and the only "good" product I kept using then was
Corporate Antivirus. Since then...I can say nothing good about Symantec
products.

I hope this isn't the (true) death-knell for PGP as I like and have used PGP
since the DOS 2.3 release.

  -- Darryl

PS: A current contract does used Endpoint Security on their Small Business
Server network. It's locked up tighter than a drum and no one currently
there knows the password...so we're riding out the useful life of the
product at which point we will see if we can get a new password somehow, or
uninstall it and install something new. Just being an Administrator on the
server should be enough. Single sign-on? Heard of that?

PPS: Guess I'll download GPG, assuming I get Windows 7,
Bitlocker-To-Go/Bitlocker will take care of WDE and NetShare, leaving key
management, file encryption and email ... to GPG perhaps.

------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
David Vallier | 30 Apr 2010 23:51
Favicon

Deciphering a error msg


I am curious as to what the following error msg means (Apart from the
obvious the it can't verify the msg)

OpenPGP Security Info

Unverified signature

gpg command line and output:
c:\Program Files\GNU\GnuPG\gpg.exe
gpg: Signature made 04/30/10 02:31:23
gpg:                using RSA key 0x9710B89BCA57AD7C
gpg: WARNING: signature digest conflict in message
gpg: Can't check signature: general error
Permalink | Reply | 1 comment |

Gmane