log
Apocalyptic: and according to davout it's not supposed to verify
Apocalyptic: well this was the whole point of the discussion
davout: lol, deedbot isn't supposed to verify sigs amirite
mircea_popescu: davout if you don't have the key you can't verify signatures, dork!
Apocalyptic: go try it on a system you have no
mircea_popescu: Apocalyptic the fingerprint, penultimate line.
davout: if you don't have the key in your ring it won't know the fpr
Apocalyptic: mircea, what is your pastebin supposed to show ?
davout: mircea_popescu: try with this guy -> http://pastebin.com/raw.php?i=bxxZyms9
mircea_popescu: kakobrekla: the point is MAPPING is bad << he understands.
mircea_popescu: https://evil32.com/examples.html for the innocents reading logs.
mircea_popescu: asciilifeform keyid is the last 16 chars of the 40 char fingerprint. and then there's an 8 char shit too. neither of these last two are any good, but hey, "usability". crap.
davout: asciilifeform: well, keyid is a part of the fpr afaik
assbot: $ gpg -v -v --with-fingerprint gpg: Go ahead and type your message ... -----BE - Pastebin.com ... ( http://bit.ly/1sNixkt )
mircea_popescu: ah it's there.
mircea_popescu: who the fuck did this i have nfi.
mircea_popescu: one more reason gpg has to be rewritten i guess.
davout: that implies you have the key in your keyring
mircea_popescu: ok but then gpg --fingerprint | grep "keyid" ?
mircea_popescu: what do you mean gpg doesn't return them ?!
davout: i'll let you read the convo
davout: well, i was just reading about them in the deedbot spec
mircea_popescu: kakobrekla: keyids are evil << yeh davout. stop thinking about short keyids bs.
mircea_popescu: same here, but who the fuck knows what they do in the soviet republic of san francisco.
asciilifeform: mircea_popescu: what is this. every office park where i live has cleaners.
mircea_popescu: asciilifeform they don't have cleaning ladies in the classic sense, which is why conde nast is writing memos to the "journos" about keeping the place clean.
PeterL: ok, I'll take that
mircea_popescu: at least until proof to the contrary.
mircea_popescu: PeterL so you'd be the innocent.
mircea_popescu: asciilifeform this is what us cleaning lady does.
asciilifeform: not cleaning lady. demented bomzh who breaks into the office and takes a shit in the coffee pot.
mircea_popescu: PeterL weren't you a biochemist by trade dabbling into code as a hobby recently ?
davout: by this account i'm a core contributor to bitcoin too, i reset testnet once, fuck it
mircea_popescu: whole slew of these, the cleaning lady wants to be "part of the team" nao.
davout: ah, yea lol, i had a look to see if this chick had any other commits on the project, seems like it's her sole 'contribution' to the whole thing
mircea_popescu: PeterL there's a difference between the innocent and the stupid.
mircea_popescu: the "o look mom, i made a github commit. it changes the spelling of comments" thing
davout: mircea_popescu: o hey, what are you referring to?
asciilifeform: this is a considerably less-fantastic scenario than it would have appeared to be in the '90s, because of the 'nintendoization' of computing. gpg simply won't appear in the apple and microshit 'app stores' and thereby vanish
asciilifeform: undata: at some point it will be forbidden in usa to sell or even own a computer which can meaningfully run classic gpg
undata: because terrorists can't find an old copy of gpg?
undata: asciilifeform: after the next attack they'll ram all kind of laws through around weakening crypto
davout: "sure you can escrow my key, wanna make sure it's mine? just check the keyid"
asciilifeform: Apocalyptic: 'key escrow' crapolade went out with the first clinton presidency, will probably return with the second.
Apocalyptic: http://blogs.wsj.com/digits/2015/01/16/obama-sides-with-cameron-in-encryption-fight/ // to paraphrase ascii, mega-lol
davout: well, if you want to pull off an attack on someone you'll want to get a collision with a specific key id
Apocalyptic: and that's just for a preimage, if you want a collision the birthday paradox will tell you that you need much less than that
Apocalyptic: just take the bitcoin network, it performs 2**64 hashes in 60 seconds at current hashrate if I'm not mistaken
davout: that would be the number of distinct keyids, not sure how practically feasible it would be to bruteforce a collision
gribble: Error: Something in there wasn't a valid number.
davout: the signature verification would in this case (assuming both keys are in the keyring) yield both a pass and a fail, right?
asciilifeform: hence this thread.
asciilifeform: and so they weren't.
asciilifeform: but rfc4880 does not specify that fp ought to be embedded in sigs.
asciilifeform: and naturally the sigs will verify
asciilifeform: davout: picture if you were trying to pass a document off as having been signed by X. you generate a key with the correct name, etc. and colliding keyid, then try to pass it off as the genuine article; then, when chumps swallow it, sign with it
asciilifeform: davout: only if the signature was in fact made with evilkey
davout: that doesn't make much sense to me, how would a maliciously crafted pubkey even verify the signature?
asciilifeform: the keychain thing nicely parallels ben_vulpes's discussion re: bitcoind wallets
asciilifeform: if that makes sense
asciilifeform: davout: assuming it was an accidental collision, and that you have not entered a properly, maliciously crafted pubkey into your keychain that it -will- verify with
davout: and i guess even in the case of a keyid collision that has no impact on actual signature verification
asciilifeform: original pgp was not an apparatus for one-off deals with strangers, but something to use between friends, as i understand.
asciilifeform: rather than something to resist attack of any kind
asciilifeform: hence the 'key id' was meant as merely a soft handle to quickly pick out the right pubkey.
asciilifeform: davout: a little subtler than that. the original assumption was that you would only ever verify sigs from folks you had a proper key party with
davout: "Implementations SHOULD NOT assume that Key IDs are unique", so let's just include that in the signature packet. derp
asciilifeform: or, alternatively, like the choice of 'aes' over the stronger but 'slower' 'serpent' cipher, it was merely orders from lizardhitler.
asciilifeform: 'it saves a few bytes' probably sounded like 'good reason' to the authors.
kakobrekla: i was afraid you gonna say that.
asciilifeform: kakobrekla: none afaik. the standard simply sucks.
kakobrekla: any good reason for this ?
davout: asciilifeform: yeah, that's what i was reading, it mentions user ids in the subpackets spec, but i'm unsure whether that includes an actual key fingerprint, i tend to understand that it doesn't
asciilifeform: davout: the version 4 signature subpacket spec << what do you want to know about it ?
undata: doesn't our agreement being public and with firm verification of identity bolster my claim among peers that you're a knucklehead?
undata: say you and I make an agreement and you fail to execute your side
undata: davout: surely you understand that the wot quantifies what a deed may provide historicity
undata: the reputation of the orifice matters and is maintained by not shoveling shit out into the public forum
undata: davout: lest you have to think about anything other than rubbing some ruby together
davout: i think we should've stuck to lighting these jasmine candles :-)
undata: davout: what is the point of publishing a scientific work in a credible journal?
davout: umm... to timestamp them
undata: what's the point of that? in human terms?
undata: why does one publish the signed blobs
undata: ... that's not an answer to my question
undata: davout: why are they published?
davout: lol, where does the spec even mention a second party?
undata: no, it's to timestamp that an agreement occurred between two identified parties
davout: the point is to timestamp stuff, not hold anyone accountable to anybody other than by the actual parties to the contract, what's so hard about that?
undata: less so if the witness did not bother to verify identity
undata: whether it says inside "A owes B his kidney" or "The sky is blue" both can be held to account that they have made the utterance by the existence of the thing
davout: that's not what they tell you, they tell you 'this blob existed at that point of time, what's in it is none of your business'
undata: yes that's fine
undata: I have witnessed that fact and I sign and note the time
undata: two parties presented themselves to me and both said "I agree to whatever's in this blob"
davout: what then? you refuse to process it?
davout: look, there is a reason it's called deedbot, and not notarybot, it's none of deedbot's business to know what happened, for all you know the notarized stuff could perfectly be encrypted
undata: part of the service is actually having an idea of what has transpired, sort of renting out your good name
davout: i mean, even in that case, what's the worst that could happen? specifically?
undata: says the bridge builder to the parties on either side "eh, fuck it, whatever"