On Thu, 2007-07-12 at 19:02 -0700, David Boles wrote:
> on 7/12/2007 6:29 PM, Tim wrote:
> > On Thu, 2007-07-12 at 10:01 -0700, Les wrote:
> >> I am starting this thread because I see many folks signing their
> >> emails with a digital signature.
> >
> > I don't see a problem in someone posting a signed message. I do see a
> > problem in believing that they are who they claim to be. There isn't
> > any verification done, it's self-signed (self created). I've yet to
> > find *any* GPG/PGP key that was counter-signed by another person, let
> > alone one that was counter-signed by someone I trust.
> >
> > I think that is a glaring omission when it comes to RPM packages, or
> > even notices about updates. Never mind e-mails.
>
> There is a better chance of me being 'me' than there is of you being
> 'you'. ;-)
>
> Websites are signed, they have certificates, as well as packages are
> signed by distributions. I would much rather trust a package signed by
> Fedora than I would one without a signature. Or one that I do not know.
>
> If you, for example, used GnuPG as I do, you and I could actually send
> private emails. Ones that only you and I can read. Since every server
> keeps a copy of everything that you post, not just you but everyone, just
> about anyone can read what you write.
>
> Kinda' makes you feel naked doesn't it? ;-)

Websites were signed with 64 bit and 128 bit encryption, also, and the results of that are why we are seeing 256 and 1024 bit schemes proposed and used.

Asymmetric encryption (PGP stuff) means that there are two keys, derived from the original design, through either a geometric or exponential process. Encryption itself can be viewed as noise in the communications channel obscuring the signal. Several forms of attack are based upon that. Asymmetric processes simply add more noise, but if geometric based the noise has a specific characteristic.

Now I cannot break such encryption schemes, but I can see that there should be means available, just not in the traditional sense of breaking a code. I can visualize several forms of attack, but that is for another forum.

My question here is how safe is the process, and how do you implement it personally to ensure it is safe? Moreover, can you estimate the risk being taken with the information? Is it safe for a year, a day or a century, given the resources available today? Is the process by which the keys are distributed and used available to anyone, and can they be falsified, and would falsification reduce the security of the process? Where are the instructions available for implementing the process?

For example, David, your messages give me the warning "Valid signature, cannot verify sender". So if this is the case, how could I trust your signature in a vital situation?

In the case of double encryption, as in the case of "shared secrecy" for PGP, how secure is the result? And how was that determined? Today, teraflops on the desktop are a reality, and the big guys are into thousands of petaflops (whatever the next designator might be. My feeble brain quit counting at peta.) Also if parallel attacks several tens of thousands wide are attempted, how secure is the information and for how long? If a new view of decryption comes along, what will become of the algorithm and how will we know when it is broken? What if I used something like n-dimensional FFTs against a noise added attack, would the key and data break apart like virus attacked DNA?

But to keep it simple here, is there somewhere a guide that gives step by step what to do to ensure the following:

1. you can use PGP signatures in both sending and receiving email.
2. Instructions for implementing, posting and using your own signatures.
3. the means of generating shared secret posts.
4. what to do if you discover that your signature and encryption is broken.
5. some estimate of the safety of the algorithms used.

Regards,
Les H
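
The "Valid signature, cannot verify sender" warning quoted in this message reflects two separate checks: whether the signature verifies against a key, and whether that key's ownership has been certified by anyone the recipient trusts. The following is an added example, not part of the original e-mail, that separates the two using the machine-readable lines GnuPG emits with `gpg --status-fd 1 --verify`; the sample status output is constructed and the key ID is a placeholder.

```python
# Added example; the status lines below are constructed and the key ID is a placeholder.
PREFIX = "[GNUPG:] "

# GnuPG's TRUST_* lines report how far the local web of trust validates
# the signing key's ownership, not whether the signature itself verified.
KEY_VALIDITY = {
    "TRUST_ULTIMATE": "verified",
    "TRUST_FULLY": "verified",
    "TRUST_MARGINAL": "partially verified",
    "TRUST_UNDEFINED": "unverified",
    "TRUST_NEVER": "distrusted",
}
DEGRADED = {"EXPSIG": "expired signature", "EXPKEYSIG": "expired key",
            "REVKEYSIG": "revoked key"}

def classify(status_text):
    """Return (signature, identity) for one verification run."""
    signature, identity = "none", "unknown"
    for line in status_text.splitlines():
        if not line.startswith(PREFIX):
            continue
        fields = line[len(PREFIX):].split()
        keyword = fields[0] if fields else ""
        if keyword == "GOODSIG":
            signature = "good"
        elif keyword in DEGRADED:
            signature = DEGRADED[keyword]
        elif keyword == "BADSIG":
            signature = "bad"
        elif keyword in ("ERRSIG", "NO_PUBKEY") and signature == "none":
            signature = "unchecked"
        elif keyword in KEY_VALIDITY:
            identity = KEY_VALIDITY[keyword]
    if signature != "good":
        identity = "unknown"  # key validity means nothing without a good signature
    return signature, identity

def acceptable(status_text):
    """Accept only a good signature from a key whose owner is verified."""
    return classify(status_text) == ("good", "verified")

# Constructed samples: same sender, differing only in key certification or integrity.
SENDER = "0000000000000000 Example Sender <sender@example.org>\n"
UNCERTIFIED = "[GNUPG:] GOODSIG " + SENDER + "[GNUPG:] TRUST_UNDEFINED 0 pgp\n"
CERTIFIED = "[GNUPG:] GOODSIG " + SENDER + "[GNUPG:] TRUST_FULLY 0 pgp\n"
TAMPERED = "[GNUPG:] BADSIG " + SENDER

if __name__ == "__main__":
    for name in ("UNCERTIFIED", "CERTIFIED", "TAMPERED"):
        print(name, classify(globals()[name]), acceptable(globals()[name]))
```

The `UNCERTIFIED` case is the situation described in the thread: the signature is good, yet nothing ties the key to the named person until the recipient or a trusted introducer has certified it.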