From mlisten at hammernoch.net  Sat Aug  1 03:03:30 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Sat, 01 Aug 2009 12:03:30 +0200
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A7382F6.3030700@bellsouth.net>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>
	<4A7382F6.3030700@bellsouth.net>
Message-ID: <4A7412F2.90708@hammernoch.net>

Hi,

John W. Moore III wrote on 01.08.09 01:49:

> Last Report I read stated that 95% of _all_ Email sent passed over a
> U.S. circuit at some point in its journey.  The greatest protection
> against NSA at this time is the physical lack of ability to analyze this
> much data.  NSA is literally drowning in new data and cannot build
> storage facilities fast enough.

Given the fact, that far more than 50% of all email traffic is spam, I
really hope they drown. Some day I even hope, they do something against
spam. This would really make the internet world a better place. And
maybe I should buy shares in harddisk manufacturers. Sorry for this
sarcastic comment, but this is what I think "they" deserve.

> Once the UK/USA Agreement is considered the actual number of Emails
> passing through analytical checkpoints rises to 99% with only completely
> closed systems being immune.

You think about VPN tunnels or anonymous remailers?

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090801/2584542e/attachment.bin>

From hrickards at l33tmyst.com  Sat Aug  1 03:40:32 2009
From: hrickards at l33tmyst.com (Harry Rickards)
Date: Sat, 01 Aug 2009 11:40:32 +0100
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A7412F2.90708@hammernoch.net>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>
	<4A7412F2.90708@hammernoch.net>
Message-ID: <4A741BA0.4030002@l33tmyst.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ludwig H?gelsch?fer wrote:
> Hi,
> 
> John W. Moore III wrote on 01.08.09 01:49:
> 
>> Last Report I read stated that 95% of _all_ Email sent passed over a
>> U.S. circuit at some point in its journey.  The greatest protection
>> against NSA at this time is the physical lack of ability to analyze this
>> much data.  NSA is literally drowning in new data and cannot build
>> storage facilities fast enough.
> 
> Given the fact, that far more than 50% of all email traffic is spam, I
> really hope they drown. Some day I even hope, they do something against
> spam. This would really make the internet world a better place. And
> maybe I should buy shares in harddisk manufacturers. Sorry for this
> sarcastic comment, but this is what I think "they" deserve.
> 
>> Once the UK/USA Agreement is considered the actual number of Emails
>> passing through analytical checkpoints rises to 99% with only completely
>> closed systems being immune.
> 
> You think about VPN tunnels or anonymous remailers?
> 
Or, (seeing as this *is* an enigmail list) how about we all encrypt all
outgoing emails, and get the recepient to start using
GPG/OpenPGP/Whatever if they're not already. Surely it would also slow
spam down quite a bit, if there was a system where once a message was
marked as spam, all other messages encrypted by the same public key
would be marked as spam, requiring the spammers to generate a new
keypair for each spam message. If only it was a perfect world...

- --
Thanks
Harry Rickards <hrickards at l33tmyst.com>

GPG Key Info:
pub   1024R/58449F6F 2009-06-12
uid                  Harry Rickards (OpenPGP Card) <hrickards at l33tmyst.com>
sub   1024R/D775CCEE 2009-06-12
sub   1024R/9394048C 2009-06-12
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iJwEAQECAAYFAkp0G6AACgkQ+9DWHFhEn28Z0wP9EgzWvr4dy/Pl/unAAoIv7q7O
Gwq+4updAon/7Cg/m6OPrSPBtY/F+xxDPMy3slUfW933RNq5aflS627dBwh3IKo6
OGdFPSNx99iEwq+EifjotUWqW5reoJ/AlTQihsU2UgSKO6qYHJPdZmP6HEgD+570
GiHtAU3qHSSpbYH2ZvI=
=9qLj
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Sat Aug  1 05:10:08 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sat, 01 Aug 2009 08:10:08 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A7412F2.90708@hammernoch.net>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>
	<4A7412F2.90708@hammernoch.net>
Message-ID: <4A7430A0.9060305@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

? wrote:

> You think about VPN tunnels or anonymous remailers?

I was referring to Systems that never touch the Internet.

JOHN ;)
Timestamp: Saturday 01 Aug 2009, 08:09  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKdDCfAAoJEBCGy9eAtCsP1OoH/iMu9piaYKE0WzjXIrzuCNHa
zL227QNavQTUa2Ao8CVvbAeDp2Aqpgu8OfYprdK5CHQ5fvy4hyV4mO7xjFXz+ux/
mn+hK6CFodp9cEST5S23AdKxBhPrfolonEX4WAE7DLGolNoCPJj7nQCsr7M5TCc0
lwqLmlcMRTpWW85lJNlXTUjA7EzbeDTcgaS3jqzKqQvT7BnRQeQm+Hy2957Jpa3G
g+5fvCW+0tAr+Pw16tJcAx7MYsmN4KRe37SHLSzcUs30NUTW5dL+T4W+b6sqfkRR
FCxX3Um/++H8QXBfv+7SyF3Fli2pAcFsyknYZmSBPpsrWvVdJOyDPEXGcbCGtOs=
=g07R
-----END PGP SIGNATURE-----

From classpath at arcor.de  Sat Aug  1 05:18:53 2009
From: classpath at arcor.de (Morten Gulbrandsen)
Date: Sat, 01 Aug 2009 14:18:53 +0200
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A741BA0.4030002@l33tmyst.com>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>
	<4A741BA0.4030002@l33tmyst.com>
Message-ID: <4A7432AD.5050202@arcor.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Harry Rickards wrote:
> Ludwig H?gelsch?fer wrote:
>> Hi,
> 
>> John W. Moore III wrote on 01.08.09 01:49:
> 
>>> Last Report I read stated that 95% of _all_ Email sent passed over a
>>> U.S. circuit at some point in its journey.  The greatest protection
>>> against NSA at this time is the physical lack of ability to analyze this
/****SNIP******/
>>> Once the UK/USA Agreement is considered the actual number of Emails
>>> passing through analytical checkpoints rises to 99% with only completely
>>> closed systems being immune.
>> You think about VPN tunnels or anonymous remailers?

<Morten>
If you have control over your own mailserver? Or you may use the
proprietary IBM Lotus Notes and Domino mailserver.
</Morten>




> 
> Or, (seeing as this *is* an enigmail list) how about we all encrypt all
> outgoing emails, and get the recepient to start using
> GPG/OpenPGP/Whatever if they're not already. Surely it would also slow
> spam down quite a bit, if there was a system where once a message was
> marked as spam, all other messages encrypted by the same public key
> would be marked as spam, requiring the spammers to generate a new
> keypair for each spam message. If only it was a perfect world...
> 



Dear Mr. H?gelsch?fer

I think this project is an acceptable approach.

Sender Policy Framework Project Overview

http://www.openspf.org/


http://www.kitterman.com/spf/validate.html

SPF Record Testing Tool

Does my domain already have an SPF record? What is it? Is it valid?

Retrieves SPF records for the specified domain name and determines if
the record is valid.

enigmail at mozdev.org

mozdev.org

Get SPF record (if any)

Input accepted, querying now...
SPF records are published in DNS as TXT records. No TXT records found
for your domain.


SPF records should also be published in DNS as type SPF records. This is
new and most implementations do not support it yet.
No type SPF records found.

</SPF>

<Morten>
this could be an option, if the moderator could approve this and suggest
to mozdev.org domain owner to implement this, then we can see.



http://www.robtex.com/dns/mozdev.org.html


Are there any better ways to fight spam?

the BITS Email Security Toolkit white-paper is also mentioned, which I
am reading now!

Due to the nature of mailing lists it is impossible to prevent email
address sender forgery. If the above mentioned also enables spam free
mailing lists in the traditional sense, I'd vote for it. But, the
spammers are smart guys, and they will invent countermeasures.


Sincerely yours,

Morten Gulbrandsen

?????????????
_____________________________________________________________________
Java programmer, C++ programmer
CAcert Assurer, GSWoT introducer, thawte Notary
Gossamer Spider Web of Trust http://www.gswot.org
Please consider the environment before printing this e-mail!



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (SunOS)
Comment: For keyID and its URL see the OpenPGP message header

iEYEARECAAYFAkp0Mq0ACgkQ9ymv2YGAKVSwMgCg7K2KkpH1hp8hJ8VKLwnofshg
SocAoODERp+WvT5D4xqBGlp4KQUcIFFY
=wlTK
-----END PGP SIGNATURE-----

From adw at chebucto.ns.ca  Sat Aug  1 07:40:15 2009
From: adw at chebucto.ns.ca (Andrew D Wright)
Date: Sat, 01 Aug 2009 11:40:15 -0300
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
Message-ID: <4A7453CF.5020704@chebucto.ns.ca>


	I'm using Mozilla Thunderbird 2.0.0.22 downloaded from Mozilla.com on
Windows XP SP3 with Enigmail 0.96 and GnuPG 1.4.9. GPG works fine and
until recently so was Enigmail. Now Enigmail says it cannot find GnuPG.
I check the Override with box and specify the correct working location
of gpg.exe and still get the Could not find GnuPG message. I've
uninstalled and reinstalled Enigmail, restarted Thunderbird, rebooted
and still get the error messages. I don't know how to sort this out. Any
advice?

From patrick at mozilla-enigmail.org  Sat Aug  1 07:49:20 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sat, 01 Aug 2009 16:49:20 +0200
Subject: [Enigmail] Unusable Japanese language. (Was Re: [ANN] Enigmail
 v0.96.0 available
In-Reply-To: <4A7303D5.9080400@metrocast.net>
References: <4A6046E1.4070009@mozilla-enigmail.org>	<4A65C547.5090200@bc.iij4u.or.jp>	<4A707487.70504@bc.iij4u.or.jp>	<4A729BD7.6040309@mozilla-enigmail.org>
	<4A7303D5.9080400@metrocast.net>
Message-ID: <4A7455F0.1060308@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Phil Stracchino wrote:
> Patrick Brunschwig wrote:
>> In order to be compliant with OpenPGP, the character set ISO-2022-JP
>> cannot be used since messages in this charset violate the PGP/MIME
>> standard.
> 
> OK, now I'm curious.  Why does ISO-2022-CP charset violate the PGP/MIME
> standard?  Is there a technical reason, was it arbitrarily excluded as a
> permissible charset, or was it just never written in?

Sorry, I was imprecise. The output created by Thunderbird in ISO-2022-JP
is not guaranteed to be compliant with OpenPGP. The reason is an error
in the charset converter in Thunderbird. I think this has been fixed in
TB 3.

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSnRV7ncOpHodsOiwAQhVuAgAniCLY5zSltKZ47yUiNQPDwDtSJf3yY7U
625rwMWL1Jz2qfD/nVg8MXsGm9Yk27W1+Wcl0y7alHDhZBZ8cuLLAVfoj59FB2zT
f2XnmjdeTmDpHCI139fGYJIdlsML8Zwh+hMrqCBZ18dUMeQHkQP74CrtZXZeukNp
WxY2wZ3ae2mGg/JG+kFtVUBhG8Bzi/iNV93eRoCpR6PtTBRCdMy7Bi/JXPNUXqnl
YJPHxdHrsrLPaFMU0WvQEcgp+MNM06YGswVk0g9vWsJ2ffKVI/uhAuDxN7S905fi
ZFsLsy6FBWsQhIl9N0Lvp/cr0BMjkdwt5r7kyAGg2nRqRKiLfwISrQ==
=XrXI
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Sat Aug  1 07:51:17 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sat, 01 Aug 2009 16:51:17 +0200
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A7453CF.5020704@chebucto.ns.ca>
References: <4A7453CF.5020704@chebucto.ns.ca>
Message-ID: <4A745665.1010901@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Andrew D Wright wrote:
> 	I'm using Mozilla Thunderbird 2.0.0.22 downloaded from Mozilla.com on
> Windows XP SP3 with Enigmail 0.96 and GnuPG 1.4.9. GPG works fine and
> until recently so was Enigmail. Now Enigmail says it cannot find GnuPG.
> I check the Override with box and specify the correct working location
> of gpg.exe and still get the Could not find GnuPG message. I've
> uninstalled and reinstalled Enigmail, restarted Thunderbird, rebooted
> and still get the error messages. I don't know how to sort this out. Any
> advice?

Could you check (and post) the precise error message displayed in the
OpenPGP > About dialog?

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSnRWZHcOpHodsOiwAQiFKAf+O1SEG0afCW8GV/CsAo6zoDLIkFlvryM/
6WAFU8VJ0bfUqadugHvumRVjHUTP93NnRLf7wkBgVQm6/M4otEsuo3gzKWm6rkqM
EhCW3EWOCLlFYISk7+8EmdpUzZ/ntD7LDo+hJUTrd1I1NtsGsqrxSMwhrzytqJgW
BbGimLna3l1zQzwf3b393/ZycuqNVSEvaniOomykDe5+0/+BXf6biacSXCR/kZ1v
BWhUM3ioXnJxMOFhvppj5np2CaMJHLVZJguxr07o2ocaIDmD5ZOlgTxZv12oUAJc
SC01dtuDJj3Ij9lMYZ8MykBdwPf3GaC5hcL49cCnomNn6TE4+wdq4Q==
=jyU5
-----END PGP SIGNATURE-----

From alaric at metrocast.net  Sat Aug  1 08:10:36 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Sat, 01 Aug 2009 11:10:36 -0400
Subject: [Enigmail] Unusable Japanese language. (Was Re: [ANN] Enigmail
 v0.96.0 available
In-Reply-To: <4A7455F0.1060308@mozilla-enigmail.org>
References: <4A6046E1.4070009@mozilla-enigmail.org>	<4A65C547.5090200@bc.iij4u.or.jp>	<4A707487.70504@bc.iij4u.or.jp>	<4A729BD7.6040309@mozilla-enigmail.org>	<4A7303D5.9080400@metrocast.net>
	<4A7455F0.1060308@mozilla-enigmail.org>
Message-ID: <4A745AEC.3080600@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Patrick Brunschwig wrote:
> Phil Stracchino wrote:
>> Patrick Brunschwig wrote:
>>> In order to be compliant with OpenPGP, the character set ISO-2022-JP
>>> cannot be used since messages in this charset violate the PGP/MIME
>>> standard.
>> OK, now I'm curious.  Why does ISO-2022-CP charset violate the PGP/MIME
>> standard?  Is there a technical reason, was it arbitrarily excluded as a
>> permissible charset, or was it just never written in?
> 
> Sorry, I was imprecise. The output created by Thunderbird in ISO-2022-JP
> is not guaranteed to be compliant with OpenPGP. The reason is an error
> in the charset converter in Thunderbird. I think this has been fixed in
> TB 3.

Ah!  That makes more sense.  Thanks for the clarification.


- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkp0WusACgkQ0DfOju+hMkn8UwCg4lJNLtPXMpXXqZSrQVneVSHJ
jQMAoMFOAsY3hCRWrBp8+hg3sHgWOcAs
=c2MI
-----END PGP SIGNATURE-----

From adw at chebucto.ns.ca  Sat Aug  1 11:49:38 2009
From: adw at chebucto.ns.ca (Andrew D Wright)
Date: Sat, 01 Aug 2009 15:49:38 -0300
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A745665.1010901@mozilla-enigmail.org>
References: <4A7453CF.5020704@chebucto.ns.ca>
	<4A745665.1010901@mozilla-enigmail.org>
Message-ID: <4A748E42.9090803@chebucto.ns.ca>


	Here you go:

  GnuPG support provided by Enigmail

Running Enigmail version 0.96.0 (20090717-0949)

ERROR: Failed to access Enigmime service!



Patrick Brunschwig wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Andrew D Wright wrote:
>> 	I'm using Mozilla Thunderbird 2.0.0.22 downloaded from Mozilla.com on
>> Windows XP SP3 with Enigmail 0.96 and GnuPG 1.4.9. GPG works fine and
>> until recently so was Enigmail. Now Enigmail says it cannot find GnuPG.
>> I check the Override with box and specify the correct working location
>> of gpg.exe and still get the Could not find GnuPG message. I've
>> uninstalled and reinstalled Enigmail, restarted Thunderbird, rebooted
>> and still get the error messages. I don't know how to sort this out. Any
>> advice?
> 
> Could you check (and post) the precise error message displayed in the
> OpenPGP > About dialog?
> 
> - -Patrick

From faramir.cl at gmail.com  Sat Aug  1 12:54:55 2009
From: faramir.cl at gmail.com (Faramir)
Date: Sat, 01 Aug 2009 15:54:55 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A741BA0.4030002@l33tmyst.com>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>
	<4A741BA0.4030002@l33tmyst.com>
Message-ID: <4A749D8F.1090505@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Harry Rickards escribi?:
...
> GPG/OpenPGP/Whatever if they're not already. Surely it would also slow
> spam down quite a bit, if there was a system where once a message was
> marked as spam, all other messages encrypted by the same public key
> would be marked as spam, requiring the spammers to generate a new
> keypair for each spam message. If only it was a perfect world...

  The key used to encrypt messages is the public key of the recipient,
not the key of the sender...

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKdJ2PAAoJEMV4f6PvczxATI8IAJZ5AG6HAZfMSdje9dvx1Lgs
dQTcPv4kj3ihLCeel93399rZNknGq+OzQ2xxQYwpMcGAu7C2IlOIRfYRPSeI6iDq
ygF4WUoMlMH/oSBn5VMPjmd0r0W1ZI3AZAQzCN7U9IWW0QjvYKsoObmGCm/4TILr
hW9jutvNJWe/VMga76QpIY2RP77ZLQ9aVzhLSKtFpc1SadDJ1ELPCzZSu6Vk5ecP
/aD+D/hm4UB8wklYhCYMfDNI+wgW3QeS8DvZYun/SDfaGwUlGRV4S1ab7ZLdnHIQ
7CAn5dwZAVypv5t5ymX9HalUbSW6VUQbrNoTCsFjuydeeDkAldKhI5vbyerQJRE=
=LBqG
-----END PGP SIGNATURE-----

From hrickards at l33tmyst.com  Sat Aug  1 12:58:34 2009
From: hrickards at l33tmyst.com (Harry Rickards)
Date: Sat, 01 Aug 2009 20:58:34 +0100
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A749D8F.1090505@gmail.com>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>
	<4A749D8F.1090505@gmail.com>
Message-ID: <4A749E6A.2040800@l33tmyst.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Faramir wrote:
> Harry Rickards escribi?:
> ...
>> GPG/OpenPGP/Whatever if they're not already. Surely it would also slow
>> spam down quite a bit, if there was a system where once a message was
>> marked as spam, all other messages encrypted by the same public key
>> would be marked as spam, requiring the spammers to generate a new
>> keypair for each spam message. If only it was a perfect world...
> 
>   The key used to encrypt messages is the public key of the recipient,
> not the key of the sender...
> 

Yeah, but if everyone were to sign their messages... Oh well, it's never
gonna happen.

- --
Thanks
Harry Rickards <hrickards at l33tmyst.com>

GPG Key Info:
pub   1024R/58449F6F 2009-06-12
uid                  Harry Rickards (OpenPGP Card) <hrickards at l33tmyst.com>
sub   1024R/D775CCEE 2009-06-12
sub   1024R/9394048C 2009-06-12
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iJwEAQECAAYFAkp0nmkACgkQ+9DWHFhEn2/juQQAokDkIawf7taPzA6cvqBt8jO5
Wgg/7utXYRLgILb3HojztGQ7H9pdlWYnS9NMfrQEP5AV546uwe15jdeHrJEL3aun
l1zq3xX2nSnDlkW+12a1jTUBh32AqdSRcCk+nHAVgokiLhWqm75deNZ9Ws8HrLR2
6BFyG5Vh/rKrlxfXD6Q=
=1K2e
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Sat Aug  1 13:10:42 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sat, 01 Aug 2009 16:10:42 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A749E6A.2040800@l33tmyst.com>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>	<4A749D8F.1090505@gmail.com>
	<4A749E6A.2040800@l33tmyst.com>
Message-ID: <4A74A142.6000607@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Harry Rickards wrote:

> Yeah, but if everyone were to sign their messages... Oh well, it's never
> gonna happen.

Imagine a scenario wherein You have Your MUA GPG proxy/Frontend
[GPGrelay/Enigmail] set to 'Sign all messages' and You become 'infected'
and Your machine becomes a Spambot.  Every piece of SPAM sent from Your
computer would be 'Signed' with Your Key.  :-\

Since many folks leave their GPG Frontend or GPA set to cache their
passphrase for 'x' amount of time this is a possible scenario.

JOHN ;)
Timestamp: Saturday 01 Aug 2009, 16:10  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKdKE8AAoJEBCGy9eAtCsPZvwH/jrA0WSMYRsRPlmyNyujl7aA
CJiD8O5fd6I8WSkKyEsC9n/x7I1ygUQqMijcLQ9C+VA18Yz+IALLOaduR+lBpE2h
RGsmW7lPjOdsZesAjxCCQ5sY9l7I/1huGKzfv5QrKkwiQorIwZexSrbFsMaknDO4
bRfzha35RpCBNyTnNZMtnwOTslzkDL4mmtegsPk9QaeRlXdCYAbo9jsksABqRgfh
ZBQ3uFpPVCUhmaPwY+q3jRHwitIglD12fhXwfRUd0yhAAjazSCMtiAjZk+FORpb+
i/H00XsqXqCCBLD6cLw/PL5c5tTygmj55U6yz0dEkj7Qjb8usLP8A2Kqk2BAtYQ=
=t33X
-----END PGP SIGNATURE-----

From rjh at sixdemonbag.org  Sat Aug  1 18:19:54 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 1 Aug 2009 21:19:54 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A74A142.6000607@bellsouth.net>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>	<4A749D8F.1090505@gmail.com>
	<4A749E6A.2040800@l33tmyst.com> <4A74A142.6000607@bellsouth.net>
Message-ID: <FCB9277F-DB9F-4BBD-9D64-D1E4151B67B4@sixdemonbag.org>

> Since many folks leave their GPG Frontend or GPA set to cache their
> passphrase for 'x' amount of time this is a possible scenario.

Better than that: this has been seen happening in the wild using PGP's  
email proxy.

There's a strong argument to be made that signing proxies are bad for  
security.  There is no benefit whatsoever to 99% of signatures.   
Having a proxy sign everything for you contributes very little to the  
integrity of your messages and leaves you open to potentially huge  
embarrassment if you ever get botted.

An opportunistic encryption proxy ("I'll encrypt the outgoing traffic  
if and only if I have a validated key for the recipient's email  
address") is a good idea; a universal signing proxy ("I'll sign all  
outgoing traffic, period!") is usually made of industrial-strength  
Stupid.



From alaric at metrocast.net  Sat Aug  1 18:47:22 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Sat, 01 Aug 2009 21:47:22 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <FCB9277F-DB9F-4BBD-9D64-D1E4151B67B4@sixdemonbag.org>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>	<4A749D8F.1090505@gmail.com>	<4A749E6A.2040800@l33tmyst.com>
	<4A74A142.6000607@bellsouth.net>
	<FCB9277F-DB9F-4BBD-9D64-D1E4151B67B4@sixdemonbag.org>
Message-ID: <4A74F02A.3080101@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
> An opportunistic encryption proxy ("I'll encrypt the outgoing traffic  
> if and only if I have a validated key for the recipient's email  
> address") is a good idea; a universal signing proxy ("I'll sign all  
> outgoing traffic, period!") is usually made of industrial-strength  
> Stupid.

Actually, I can think of one valid hypothetical application of the
latter: have all mailservers sign all mail that passes through them to
get an unforgeable (in practical terms) audit trail of where a given
message entered the mail system.  (Never mind the engineering details
for now.)

Of course, with massive botnets sending spam, that's no longer a useful
way to determine the real origin of spam.


- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkp08CoACgkQ0DfOju+hMkl6xQCgtjzuNuFIh4SeR7X/XkBnCfKB
uoMAoLrNns/adO1oIDtjK3z0RRTqAt9+
=90La
-----END PGP SIGNATURE-----

From rjh at sixdemonbag.org  Sat Aug  1 18:59:17 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 1 Aug 2009 21:59:17 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <4A74F02A.3080101@metrocast.net>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>	<4A749D8F.1090505@gmail.com>	<4A749E6A.2040800@l33tmyst.com>
	<4A74A142.6000607@bellsouth.net>
	<FCB9277F-DB9F-4BBD-9D64-D1E4151B67B4@sixdemonbag.org>
	<4A74F02A.3080101@metrocast.net>
Message-ID: <38E27772-9464-4518-947F-3A07818DAE07@sixdemonbag.org>

> Actually, I can think of one valid hypothetical application of the
> latter

Note that I didn't say there were no valid uses; only that most uses  
of signing proxies are made of industrial-strength Stupid.  There are  
certainly niche applications for them.  :)

From alaric at metrocast.net  Sat Aug  1 19:03:31 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Sat, 01 Aug 2009 22:03:31 -0400
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <38E27772-9464-4518-947F-3A07818DAE07@sixdemonbag.org>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>	<4A749D8F.1090505@gmail.com>	<4A749E6A.2040800@l33tmyst.com>	<4A74A142.6000607@bellsouth.net>	<FCB9277F-DB9F-4BBD-9D64-D1E4151B67B4@sixdemonbag.org>	<4A74F02A.3080101@metrocast.net>
	<38E27772-9464-4518-947F-3A07818DAE07@sixdemonbag.org>
Message-ID: <4A74F3F3.8020808@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
>> Actually, I can think of one valid hypothetical application of the
>> latter
> 
> Note that I didn't say there were no valid uses; only that most uses  
> of signing proxies are made of industrial-strength Stupid.

True.  :)



- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkp08/MACgkQ0DfOju+hMkl2uwCcC3cnIXDth/LTd6D+OgYQRZ0L
nTsAoKahtW5LHkWMUqEPtvT4U8/n8L68
=0/MP
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Sun Aug  2 03:54:54 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sun, 02 Aug 2009 12:54:54 +0200
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A748E42.9090803@chebucto.ns.ca>
References: <4A7453CF.5020704@chebucto.ns.ca>	<4A745665.1010901@mozilla-enigmail.org>
	<4A748E42.9090803@chebucto.ns.ca>
Message-ID: <4A75707E.4000009@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Andrew D Wright wrote:
> Patrick Brunschwig wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Andrew D Wright wrote:
>>> 	I'm using Mozilla Thunderbird 2.0.0.22 downloaded from Mozilla.com on
>>> Windows XP SP3 with Enigmail 0.96 and GnuPG 1.4.9. GPG works fine and
>>> until recently so was Enigmail. Now Enigmail says it cannot find GnuPG.
>>> I check the Override with box and specify the correct working location
>>> of gpg.exe and still get the Could not find GnuPG message. I've
>>> uninstalled and reinstalled Enigmail, restarted Thunderbird, rebooted
>>> and still get the error messages. I don't know how to sort this out. Any
>>> advice?
>> Could you check (and post) the precise error message displayed in the
>> OpenPGP > About dialog?
>>
>> - -Patrick
> 	Here you go:
>
>   GnuPG support provided by Enigmail
>
> Running Enigmail version 0.96.0 (20090717-0949)
>
> ERROR: Failed to access Enigmime service!

Alright, that's something different then. Do you have the addon "Outlook
PST" installed? If so, deactivate or uninstall it. It contains the
complete binary part of Enigmail, but unfortunately the part of Enigmail
v0.95.7, which is incomaptible to v0.96.0.

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSnVwfXcOpHodsOiwAQgdIwf8DzgXONTNHNqxYrs6VDXmpqlVmmR69yQF
8kVXvGt4pOwkQuY+YKRGJW/l+ZbukroV0pRgKNys/cPV2nwjBkN/P70rz47YJHdr
iaZukxARJwh7NhtM2+JhSksLw0WoxcN9A7+9I1f84qQyK/1mEc8v2nsjPQfw34nt
P98/vrvbrYHatigSEifGjxdehekk/vtiNXFb6pUhGx2A/esCbm7FwhjdgVcGXDDO
KvEkS9Q2nAquWCCsGKV1qAusus69Y3eP5lzr/DEoWkyjxEGly4aQaBCnLcg0gT7c
YrOIDxLIrVzFEIPK6LhiFne1GHhKRGN1Iqz1DWtq5O6ppfFl+rxx/w==
=K8g0
-----END PGP SIGNATURE-----

From adw at chebucto.ns.ca  Sun Aug  2 10:45:35 2009
From: adw at chebucto.ns.ca (Andrew D Wright)
Date: Sun, 02 Aug 2009 14:45:35 -0300
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A75707E.4000009@mozilla-enigmail.org>
References: <4A7453CF.5020704@chebucto.ns.ca>
	<4A745665.1010901@mozilla-enigmail.org>
	<4A748E42.9090803@chebucto.ns.ca>
	<4A75707E.4000009@mozilla-enigmail.org>
Message-ID: <4A75D0BF.1000901@chebucto.ns.ca>


	Nope, no Outlook PST. Here are my installed add-ons in Thunderbird:

AboutConfig 0.6

Auto Copy 0.9.7

Delete Junk Context Menu 0.3.2.1

Enigmail 0.96.0

Mail Redirect 0.7.4






Patrick Brunschwig wrote:
> Alright, that's something different then. Do you have the addon "Outlook
> PST" installed? If so, deactivate or uninstall it. It contains the
> complete binary part of Enigmail, but unfortunately the part of Enigmail
> v0.95.7, which is incomaptible to v0.96.0.
> 
> - -Patrick
> 


From m4_ac at t-online.de  Sun Aug  2 12:44:04 2009
From: m4_ac at t-online.de (m4_ac at t-online.de)
Date: Sun, 02 Aug 2009 21:44:04 +0200
Subject: [Enigmail] enigmail tb3 and macosx
Message-ID: <1MXgyS-2ADEzA0@fwd09.aul.t-online.de>

An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090802/8991c89d/attachment.html>

From mlisten at hammernoch.net  Sun Aug  2 13:48:55 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Sun, 02 Aug 2009 22:48:55 +0200
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <1MXgyS-2ADEzA0@fwd09.aul.t-online.de>
References: <1MXgyS-2ADEzA0@fwd09.aul.t-online.de>
Message-ID: <4A75FBB7.60309@hammernoch.net>

Hi Markus,

m4_ac at t-online.de wrote on 02.08.09 21:44:
> Hello,
> 
> I tried to install enigmail for tb3 on MacOS 10.5 (intel).
> 
> When tb restarts it doesn't get properly installed and isn't listed
> under add-ons however.
> 
> Tried it with enigmail 0.97a.0+ and tb3b3 and tb3b4pre (latest i could
> find).
> 
> A few weeks ago I gave it a try which lead to the same result as well.
> 
> Any clues?

Works properly here, on PPC though. Please try creating a new profile
with TB3x and report back here.

Ludwig

BTW: Since it's quite likely that this won't be your last question, you
might feel comfortable subscribing to the list. You can do this here:

http://www.mozdev.org/mailman/listinfo/enigmail/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090802/c6032883/attachment.bin>

From m4_ac at t-online.de  Mon Aug  3 08:38:40 2009
From: m4_ac at t-online.de (m4_ac at t-online.de)
Date: Mon, 03 Aug 2009 17:38:40 +0200
Subject: [Enigmail] =?iso-8859-15?q?enigmail_tb3_and_macosx?=
Message-ID: <1MXzcW-174IdM0@fwd09.aul.t-online.de>

An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090803/a5be0984/attachment.html>

From ludovic at mozillamessaging.com  Tue Aug  4 01:30:16 2009
From: ludovic at mozillamessaging.com (Ludovic Hirlimann)
Date: Tue, 04 Aug 2009 10:30:16 +0200
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
Message-ID: <4A77F198.40606@mozillamessaging.com>

On 8/3/09 5:38 PM, m4_ac at t-online.de wrote:
>
> Am 02.08.09 22:48, schrieb Ludwig H?gelsch?fer:
>
>     Hi Markus,
>
>     m4_ac at t-online.de wrote on 02.08.09 21:44:
>
>         Hello,
>
>         I tried to install enigmail for tb3 on MacOS 10.5 (intel).
>
>         When tb restarts it doesn't get properly installed and isn't listed
>         under add-ons however.
>
>         Tried it with enigmail 0.97a.0+ and tb3b3 and tb3b4pre (latest i could
>         find).
>
>         A few weeks ago I gave it a try which lead to the same result as well.
>
>         Any clues?
>
>     Works properly here, on PPC though. Please try creating a new profile
>     with TB3x and report back here.
>
>     Ludwig
>
>     BTW: Since it's quite likely that this won't be your last question, you
>     might feel comfortable subscribing to the list. You can do this here:
>
>     http://www.mozdev.org/mailman/listinfo/enigmail/
>         
>
>
> Creating a new profile didn't solve that.
>
> The error console doesn't report any problems either.
>
I'v just installed enigmail on my mactel and it works here with my old
profile - I had no need to create a new profile.


-- 
Ludovic Hirlimann MozillaMessaging QA lead
http://www.spreadthunderbird.com/aff/79/2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/41ac7f94/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/41ac7f94/attachment.bin>

From ludovic at hirlimann.net  Tue Aug  4 01:27:45 2009
From: ludovic at hirlimann.net (Ludovic Hirlimann)
Date: Tue, 04 Aug 2009 10:27:45 +0200
Subject: [Enigmail] I need to test my install
Message-ID: <4A77F101.80507@hirlimann.net>

Any body willing to make sure I've restored my keys properly and that
I'v setup enigmail the properway ?

-- 
http://perso.hirlimann.net/~ludo/blog/
http://flickr.com/photos/lhirlimann


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/9781e2be/attachment.bin>

From shavital at mac.com  Tue Aug  4 03:28:57 2009
From: shavital at mac.com (Charly Avital)
Date: Tue, 04 Aug 2009 06:28:57 -0400
Subject: [Enigmail] I need to test my install
In-Reply-To: <4A77F101.80507@hirlimann.net>
References: <4A77F101.80507@hirlimann.net>
Message-ID: <4A780D69.3030804@mac.com>

Ludovic Hirlimann wrote the following on 8/4/09 4:27 AM:
> Any body willing to make sure I've restored my keys properly and that
> I'v setup enigmail the properway ?
> 

Hi Ludovic,

OpenPGP Security Info
Good signature from Ludovic Hirlimann (Normal Mail) <Ludovic at hirlimann.net>
Key ID: 0xC139647C / Signed on: 8/4/09 4:27 AM
Key fingerprint: 6EFB D26F C7A2 12B2 E093 B9E8 68F3 58F6 C139 647C

Your photo is displayed. It looks very small.

Charly

From mlisten at hammernoch.net  Tue Aug  4 03:30:35 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Tue, 04 Aug 2009 12:30:35 +0200
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
Message-ID: <4A780DCB.7030507@hammernoch.net>

Hi,

m4_ac at t-online.de wrote on 03.08.09 17:38:

>     m4_ac at t-online.de wrote on 02.08.09 21:44:
> 
>         Hello,
> 
>         I tried to install enigmail for tb3 on MacOS 10.5 (intel).
> 
>         When tb restarts it doesn't get properly installed and isn't listed
>         under add-ons however.
> 
>         Tried it with enigmail 0.97a.0+ and tb3b3 and tb3b4pre (latest i could
>         find).
> 
>         A few weeks ago I gave it a try which lead to the same result as well.
> 
>         Any clues?

(...)

> Creating a new profile didn't solve that.
> 
> The error console doesn't report any problems either.

Which other extensions have been installed? Is one of these installed
globally?

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/f1628be2/attachment.bin>

From jmoore3rd at bellsouth.net  Tue Aug  4 04:26:32 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 04 Aug 2009 07:26:32 -0400
Subject: [Enigmail] I need to test my install
In-Reply-To: <4A77F101.80507@hirlimann.net>
References: <4A77F101.80507@hirlimann.net>
Message-ID: <4A781AE8.9070804@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Ludovic Hirlimann wrote:
> Any body willing to make sure I've restored my keys properly and that
> I'v setup enigmail the properway ?

Good signature from Ludovic Hirlimann (Normal Mail) <Ludovic at hirlimann.net>
Key ID: 0xC139647C / Signed on: 8/4/2009 4:27 AM
Key fingerprint: 6EFB D26F C7A2 12B2 E093 B9E8 68F3 58F6 C139 647C

Looks Good so far.  :)

JOHN ;)
Timestamp: Tuesday 04 Aug 2009, 07:26  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKeBrkAAoJEBCGy9eAtCsP7t8H+gPUgfa2/PTehHW/cknEfCuj
O8Qo2sD0/0fs4cPshnSjnnAZ6wex4XM972sDb87J2yVfDfCwl8W5sOAL43gILP06
h7+hdI/X074jMB1SOsWUze/0/A9cVtK8ROMb4WTdxmb++WLyGC+hQcsGbxw9d/mk
P8FVQnOgr//1cKlfdwW9fTZzuKjdM0Ylj+kor3i3NDnkGugen2S5gBhtzK8otNrg
HkYTom4ttI0KVuhSzjQ/pJv+kR5mRChgcsffOMEcCqH6b/eDgnTKLZ3O8XReZt1C
Sh92j7HTuQ8E72QQaP/WrZpW192jPrZhiD59ySju2gGLI3fnfw7J/i/1gMc2YAI=
=Q2az
-----END PGP SIGNATURE-----

From awm at mbcli.com  Tue Aug  4 06:21:14 2009
From: awm at mbcli.com (Aram Mirzadeh)
Date: Tue, 04 Aug 2009 09:21:14 -0400
Subject: [Enigmail] Messages that include CR
Message-ID: <4A7835CA.9000302@mbcli.com>


Hi,

I'm having an issue with an encrypted message from an automated system.

It looks like the sending system (freebsd running Crypt::GPG) is adding
a CR to each line:

> -----BEGIN PGP MESSAGE-----=0D
> Version: GnuPG v1.4.2 (FreeBSD)=0D
> Comment: Crypt::GPG v1.42=0D
> =0D
> hQIOA/VL979GHnxrEAf+MO3QMVKCHuwzPTa5d6RAFK08tm/XTLpGtD41oInKIlT+=0D
> ZbRa7J5WJtWxTrBMAmpoW2JyL8eomchph2ckhIQiP+lzT6hBs/NFYnBX4DxMGIqi=0D
> mjTdVftBcNLRkAn7XQGV7YrvroD+9dEcnblx7CqV20LizLsHYZHil6+U3pGl8G1W=0D
> t34xx99p9nXvkhf/McyQJGMaVQLIL2oO+DYREEGT63Pu+9ifI5SWDUJ307xJ22T/=0D
> eJIBQZjEcUswDAIQuGWF0per9Jw8OeOjQl1k3+tAf6OIio4G1RIc26zaxmFkpcVp=0D

Which I'm assuming is the problem when I get "OpenPGP message: Error -
No valid armored OpenPGP data block found."

Thunderbird doesn't deal well with it either, the message shows as:

> Version: GnuPG v1.4.2 (FreeBSD)
> 
> Comment: Crypt::GPG v1.42
> 
> 
> 
> hQIOA/VL979GHnxrEAf+MO3QMVKCHuwzPTa5d6RAFK08tm/XTLpGtD41oInKIlT+
> 
> ZbRa7J5WJtWxTrBMAmpoW2JyL8eomchph2ckhIQiP+lzT6hBs/NFYnBX4DxMGIqi
> 
> mjTdVftBcNLRkAn7XQGV7YrvroD+9dEcnblx7CqV20LizLsHYZHil6+U3pGl8G1W

In the view screen.

I'm on Vista 64, running thunderbird version 2.0.0.22 (20090605) with
Enigmail: 0.96 and GnuPG 1.4.9.

Thank you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: awm.vcf
Type: text/x-vcard
Size: 205 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/1c5cf86c/attachment.vcf>

From rjh at sixdemonbag.org  Tue Aug  4 06:25:29 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 04 Aug 2009 09:25:29 -0400
Subject: [Enigmail] Messages that include CR
In-Reply-To: <4A7835CA.9000302@mbcli.com>
References: <4A7835CA.9000302@mbcli.com>
Message-ID: <4A7836C9.4040901@sixdemonbag.org>

Aram Mirzadeh wrote:
> I'm having an issue with an encrypted message from an automated system.

The automated system is not producing OpenPGP messages.  Enigmail
requires a proper OpenPGP message before it attempts to do anything with it.

The proper fix here is to tell the automated system to fix their setup.


From adw at chebucto.ns.ca  Tue Aug  4 09:04:20 2009
From: adw at chebucto.ns.ca (Andrew D Wright)
Date: Tue, 04 Aug 2009 13:04:20 -0300
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A75D0BF.1000901@chebucto.ns.ca>
References: <4A7453CF.5020704@chebucto.ns.ca>
	<4A745665.1010901@mozilla-enigmail.org>
	<4A748E42.9090803@chebucto.ns.ca>
	<4A75707E.4000009@mozilla-enigmail.org>
	<4A75D0BF.1000901@chebucto.ns.ca>
Message-ID: <4A785C04.3080903@chebucto.ns.ca>


	Additional: when all add-ons are disabled and Thunderbird restarted the
problem continues. It does not appear to come from these add-ons.

Andrew D Wright wrote:
> 	Nope, no Outlook PST. Here are my installed add-ons in Thunderbird:
> 
> AboutConfig 0.6
> 
> Auto Copy 0.9.7
> 
> Delete Junk Context Menu 0.3.2.1
> 
> Enigmail 0.96.0
> 
> Mail Redirect 0.7.4
> 
> 
> 
> 
> 
> 
> Patrick Brunschwig wrote:
>> Alright, that's something different then. Do you have the addon "Outlook
>> PST" installed? If so, deactivate or uninstall it. It contains the
>> complete binary part of Enigmail, but unfortunately the part of Enigmail
>> v0.95.7, which is incomaptible to v0.96.0.
>>
>> - -Patrick
>>
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail
> 

From allen.schultz at gmail.com  Tue Aug  4 09:17:36 2009
From: allen.schultz at gmail.com (Allen Schultz)
Date: Tue, 04 Aug 2009 10:17:36 -0600
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <4A77F198.40606@mozillamessaging.com>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
	<4A77F198.40606@mozillamessaging.com>
Message-ID: <4A785F20.9000206@gmail.com>

Ludovic Hirlimann wrote:
> On 8/3/09 5:38 PM, m4_ac at t-online.de wrote:
>> Am 02.08.09 22:48, schrieb Ludwig H?gelsch?fer:
<cut>

Just thought to let you know the following:

gpg: Signature made 08/04/09 02:30:17 using DSA key ID C139647C
gpg: BAD signature from "Ludovic Hirlimann (Mozilla Messaging)
<ludovic at mozillamessaging.com>"

-- 
Allen Schultz <Allen.Schultz at gmail.com>
GPG Key Info:
pub   3072R/DAD4736B 2009-05-20
      Key fingerprint = 16AD EFE1 D68F C8A8 B086  68CD 1A35 85C7 DAD4 736B
uid                  Allen Schultz (aldaek) <allen.schultz at gmail.com>
uid                  [jpeg image of size 6128]
sub   2048R/F55651E0 2009-05-20 [expires: 2010-05-20]
sub   2048R/5687B83E 2009-05-20 [expires: 2010-05-20]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: allen_schultz.vcf
Type: text/x-vcard
Size: 589 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/03e813b0/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/03e813b0/attachment.bin>

From jmoore3rd at bellsouth.net  Tue Aug  4 09:33:42 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 04 Aug 2009 12:33:42 -0400
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <4A785F20.9000206@gmail.com>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>	<4A77F198.40606@mozillamessaging.com>
	<4A785F20.9000206@gmail.com>
Message-ID: <4A7862E6.6000909@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Allen Schultz wrote:
> Ludovic Hirlimann wrote:
>> On 8/3/09 5:38 PM, m4_ac at t-online.de wrote:
>>> Am 02.08.09 22:48, schrieb Ludwig H?gelsch?fer:
> <cut>
> 
> Just thought to let you know the following:
> 
> gpg: Signature made 08/04/09 02:30:17 using DSA key ID C139647C
> gpg: BAD signature from "Ludovic Hirlimann (Mozilla Messaging)
> <ludovic at mozillamessaging.com>"

And back to You:

gpg command line and output:
C:\GnuPG\gpg.exe
gpg: armor: BEGIN PGP SIGNED MESSAGE
gpg: armor header: Hash: SHA512
:packet 63: length 11 gpg: armor: BEGIN PGP SIGNATURE
gpg: armor header: Version: GnuPG v1.4.9 (MingW32)
gpg: armor header: Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
:literal data packet:
	mode t (74), created 0, name="",
	raw data: unknown length
gpg: original file name=''
:signature packet: algo 1, keyid C3728C2CF55651E0
	version 4, created 1249402660, md5len 0, sigclass 0x01
	digest algo 10, begin of digest b9 90
	hashed subpkt 2 len 4 (sig created 2009-08-04)
	subpkt 16 len 8 (issuer key ID C3728C2CF55651E0)
	data: [2047 bits]
gpg: Signature made 08/04/09 12:17:40 using RSA key ID F55651E0
gpg: using subkey F55651E0 instead of primary key DAD4736B
gpg: key B7AB9DE5: accepted as trusted key
gpg: key 6E23ECBB: accepted as trusted key
gpg: key 026B875E: accepted as trusted key
gpg: key DD00CE47: accepted as trusted key
gpg: key 82D70F78: accepted as trusted key
gpg: key 80B42B0F: accepted as trusted key
gpg: key A35FB676: accepted as trusted key
gpg: key 359C3A4A: accepted as trusted key
gpg: BAD signature from "Allen Schultz (aldaek) <allen.schultz at gmail.com>"
gpg: textmode signature, digest algorithm SHA512

JOHN ;)
Timestamp: Tuesday 04 Aug 2009, 12:33  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKeGLkAAoJEBCGy9eAtCsPrAQIAJtg/OvLOhpM10P9gbl+qJQg
9RFI9f8899VxBJBi0mwLH4IrGOVRd5CsOzm2vs6d5zQvS52o6Ykf3bi1QN6vh8uI
TXMmlHk1lhBSnfEoDZMezpSAlc9PrbBQ+1lXkb0fymoBAEYAQAbjAyD/wdtPzUOO
elmBnabyR+ZTwcKEfYhgJvUMDRN+jMoETayJQ+WpN7sGFsaPjuIy265OJ8pJZhN+
+0Qhl2L0WpJwM34vt/Ozr37QKJ0/OUrJEXU23s1boUjfxu2g8Xmkl9gJPSlWI3nh
rYEcFX5K75jHvr0TKCZ2hhhrIs9IljMcqSsJiUKtDb3Ta1FacZqv1jP94Wg0zeo=
=z1Wy
-----END PGP SIGNATURE-----

From allen.schultz at gmail.com  Tue Aug  4 10:28:34 2009
From: allen.schultz at gmail.com (Allen Schultz)
Date: Tue, 04 Aug 2009 11:28:34 -0600
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <4A7862E6.6000909@bellsouth.net>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>	<4A77F198.40606@mozillamessaging.com>	<4A785F20.9000206@gmail.com>
	<4A7862E6.6000909@bellsouth.net>
Message-ID: <4A786FC2.7080301@gmail.com>

John W. Moore III wrote:
> gpg: BAD signature from "Allen Schultz (aldaek) <allen.schultz at gmail.com>"

I'm forcing my client to use Unicode-8. Am I getting invalid characters
here?

Allen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: allen_schultz.vcf
Type: text/x-vcard
Size: 589 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/03e55225/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/03e55225/attachment.bin>

From mlisten at hammernoch.net  Tue Aug  4 10:43:14 2009
From: mlisten at hammernoch.net (=?UTF-8?B?THVkd2lnIEjDvGdlbHNjaMOkZmVy?=)
Date: Tue, 04 Aug 2009 19:43:14 +0200
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <4A785F20.9000206@gmail.com>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>	<4A77F198.40606@mozillamessaging.com>
	<4A785F20.9000206@gmail.com>
Message-ID: <4A787332.1070803@hammernoch.net>

Allen Schultz wrote on 04.08.09 18:17:
> Ludovic Hirlimann wrote:
>> On 8/3/09 5:38 PM, m4_ac at t-online.de wrote:
>>> Am 02.08.09 22:48, schrieb Ludwig H?gelsch?fer:
> <cut>
> 
> Just thought to let you know the following:
> 
> gpg: Signature made 08/04/09 02:30:17 using DSA key ID C139647C
> gpg: BAD signature from "Ludovic Hirlimann (Mozilla Messaging)
> <ludovic at mozillamessaging.com>"

This comes most probably from his multipart/alternative message
containing text/plain and text/html parts. Signed html in an email
almost always produces a bad signature (Hint: additional line wrapping
occuring on mail servers in the chain).

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090804/87b3bb68/attachment.bin>

From jmoore3rd at bellsouth.net  Tue Aug  4 12:32:11 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 04 Aug 2009 15:32:11 -0400
Subject: [Enigmail] enigmail tb3 and macosx
In-Reply-To: <4A786FC2.7080301@gmail.com>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>	<4A77F198.40606@mozillamessaging.com>	<4A785F20.9000206@gmail.com>	<4A7862E6.6000909@bellsouth.net>
	<4A786FC2.7080301@gmail.com>
Message-ID: <4A788CBB.8080403@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Allen Schultz wrote:
> John W. Moore III wrote:
>> gpg: BAD signature from "Allen Schultz (aldaek) <allen.schultz at gmail.com>"
> 
> I'm forcing my client to use Unicode-8. Am I getting invalid characters
> here?

Characters 'look' fine but the Signature doesn't verify.  :-\

JOHN ;)
Timestamp: Tuesday 04 Aug 2009, 15:32  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKeIy5AAoJEBCGy9eAtCsP4RQH/3ifjOBq6JngoDBBqclJwmw8
tFFNOwHaCAKcZF1BzXjr/0xpZdXLxlKJe50NL+iFFzzjqtgRb4t0Mld/4P3frXoN
DQMdZsOWhw6g/hsqS4+3PGfRZIClKe0qXMbRung9+D5xfl5NtOelhapr4M+QJCZ+
1xyh8LyJDaSFjNs1tHUGn39pY8K2u49oNieac9qPkWqicCLlvozL0WzTR683e69d
J0CkvEwDmG77P2L2fXuoBZ6RCRB7o+XMhm6IEntuaZMyAlHKjklKLHeyCOJW1Yej
UTzmM6iWIi1gLeHZ7zU7A4DnpRsm5XLWTZAteeO93Rrd19LL+IGvtRHYQ2njFYg=
=DB9N
-----END PGP SIGNATURE-----

From mlisten at hammernoch.net  Wed Aug  5 04:18:02 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Wed, 05 Aug 2009 13:18:02 +0200
Subject: [Enigmail] enigmail tb3 and macosx - Solved
In-Reply-To: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
Message-ID: <4A796A6A.4080508@hammernoch.net>

Hi @all

the whole story is a concatenation of two problems. The OP did download
the enigmail nightly from the original site using Safari 4. Safari adds
a ".zip" extension to the .xpi, so that the final filename is
"enigmail-trunk-tb-darwin-x86-ppc-trunk.xpi.zip"

Thunderbird 3.0b3 and Shredder nightly accept this extended file name
when trying to the install via the addon-manager. It displays the
extension name and version as if everything would be fine. But during
the subsequent restart exactly nothing happens. No error in the js Error
Console, nothing in the console or system log files, and no installation
of enigmail.

Renaming the file omitting the ".zip" solves the problem.

I'll try to correct the webserver settings so that no .zip will added
when downloading the mac-nightly with Safari.

Ludwig


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090805/01ff31f7/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Aug  5 07:57:29 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 05 Aug 2009 16:57:29 +0200
Subject: [Enigmail] Enigmail unable to find gpg.exe when told
In-Reply-To: <4A785C04.3080903@chebucto.ns.ca>
References: <4A7453CF.5020704@chebucto.ns.ca>	<4A745665.1010901@mozilla-enigmail.org>	<4A748E42.9090803@chebucto.ns.ca>	<4A75707E.4000009@mozilla-enigmail.org>	<4A75D0BF.1000901@chebucto.ns.ca>
	<4A785C04.3080903@chebucto.ns.ca>
Message-ID: <4A799DD9.5090409@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Could you please create a debuggin output file and send it to me?

Thanks,
Patrick

Andrew D Wright wrote:
> 	Additional: when all add-ons are disabled and Thunderbird restarted the
> problem continues. It does not appear to come from these add-ons.
> 
> Andrew D Wright wrote:
>> 	Nope, no Outlook PST. Here are my installed add-ons in Thunderbird:
>>
>> AboutConfig 0.6
>>
>> Auto Copy 0.9.7
>>
>> Delete Junk Context Menu 0.3.2.1
>>
>> Enigmail 0.96.0
>>
>> Mail Redirect 0.7.4
>>
>>
>>
>>
>>
>>
>> Patrick Brunschwig wrote:
>>> Alright, that's something different then. Do you have the addon "Outlook
>>> PST" installed? If so, deactivate or uninstall it. It contains the
>>> complete binary part of Enigmail, but unfortunately the part of Enigmail
>>> v0.95.7, which is incomaptible to v0.96.0.
>>>
>>> - -Patrick


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSnmd13cOpHodsOiwAQgeeAgAxlNcoJnAwRY7LkTqa/WTLHnfWi/oC1OC
vNhhVQPviAAIxLHxJAgQ8J/5ngoX0cOoMfEB0R4xJy8Kdy6OJ9U24Myh2eUVslsH
1I4K6k/Ch3GrTiAT6NvExs/X4xIRivcyaoIjwVOy18GawWc2WsBYwQvPbDksGVUx
ATXKg5d6q+7v7a+lFDA/QbHJzD+eGBcSFvSV8EXxsXeZQ3eExd23VCR81mPbgqI8
GS5mY/kdoD2iMwIDs/NaqPBIM1Kha02LAnFWggjic+XfwUsJLmdQPxvic7uqj2B2
9M6VcLy4FlsKzI4sGsP15UgjbcrNNDU0F/eLEMKNyoXTKTyXuiHHHg==
=j3lg
-----END PGP SIGNATURE-----

From mlisten at hammernoch.net  Wed Aug  5 10:40:08 2009
From: mlisten at hammernoch.net (=?ISO-8859-15?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Wed, 05 Aug 2009 19:40:08 +0200
Subject: [Enigmail] enigmail tb3 and macosx - Solved
In-Reply-To: <4A796A6A.4080508@hammernoch.net>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
	<4A796A6A.4080508@hammernoch.net>
Message-ID: <4A79C3F8.8040900@hammernoch.net>

Ludwig "Ingrid" H?gelsch?fer wrote on 05.08.09 13:18:

> I'll try to correct the webserver settings so that no .zip will added
> when downloading the mac-nightly with Safari.

[X] Done. Safari will now save under the original file name.

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090805/29ef8932/attachment.bin>

From rasmith1959 at gmail.com  Wed Aug  5 15:00:52 2009
From: rasmith1959 at gmail.com (Roy Smith)
Date: Wed, 05 Aug 2009 17:00:52 -0500
Subject: [Enigmail] A newbie to encryption, needs a test buddy
In-Reply-To: <mailman.1954.1249156484.63231.enigmail@mozdev.org>
References: <872519.64942.qm@web36308.mail.mud.yahoo.com>	<891402C6-00FA-4D31-9582-FB3EEC6633D1@sixdemonbag.org>	<eeeb012d0907311409x688366f5xb4645398997f5f15@mail.gmail.com>	<1E404185-3A01-4F30-9BFC-6566BEFF38FE@sixdemonbag.org>	<4A7369EE.4070704@fifthhorseman.net>	<4A7382F6.3030700@bellsouth.net>	<4A7412F2.90708@hammernoch.net>	<4A741BA0.4030002@l33tmyst.com>
	<mailman.1954.1249156484.63231.enigmail@mozdev.org>
Message-ID: <h5cvev$1o4g$1@mozdev.mozdev.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Faramir wrote:
> Harry Rickards escribi?:
> ....
>> GPG/OpenPGP/Whatever if they're not already. Surely it would also slow
>> spam down quite a bit, if there was a system where once a message was
>> marked as spam, all other messages encrypted by the same public key
>> would be marked as spam, requiring the spammers to generate a new
>> keypair for each spam message. If only it was a perfect world...
> 
>   The key used to encrypt messages is the public key of the recipient,
> not the key of the sender...

Though what you say is true for encrypting, but not for signing.  So if
it were required that every email have a PGP signature to be delivered,
then his idea would work... but then eventually the spammers would find
a way around that as well... sigh.

- --

Roy Smith
Ubuntu 9.04 Jaunty Jackalope
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkp6AQ8ACgkQsJ43Ti8ZtEY3UgCgmcTmO6eJ4c4/RYaacYIXagWd
sxYAoMOK3nx9Zt4HbZENBl5t6pl05lng
=tezH
-----END PGP SIGNATURE-----

From rangerrick at gmail.com  Wed Aug  5 20:44:53 2009
From: rangerrick at gmail.com (Benjamin Reed)
Date: Wed, 5 Aug 2009 23:44:53 -0400
Subject: [Enigmail] enigmail tb3 and macosx - Solved
In-Reply-To: <4A796A6A.4080508@hammernoch.net>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>
	<4A796A6A.4080508@hammernoch.net>
Message-ID: <57eba2250908052044h2d29aa22see3ff9ac52158ab9@mail.gmail.com>

2009/8/5 Ludwig H?gelsch?fer <mlisten at hammernoch.net>:

> Renaming the file omitting the ".zip" solves the problem.

Huh, wow.  I'd been limping along without enigmail working for a
while; been meaning to open a bug but hadn't gotten to it yet.  This
fixed it for me, too.  Thanks!

-- 
Benjamin Reed a.k.a. Ranger Rick
Fink, KDE, and Mac OS X development

Blog: http://www.raccoonfink.com/
Music: http://music.raccoonfink.com/

From simonvlc at gmail.com  Thu Aug  6 04:42:58 2009
From: simonvlc at gmail.com (=?ISO-8859-1?Q?Sim=F3n_Mu=F1oz?=)
Date: Thu, 06 Aug 2009 13:42:58 +0200
Subject: [Enigmail] Decrypt thunderbird attachment passphrase encrypted
Message-ID: <4A7AC1C2.1030208@gmail.com>

Hi there,

just wanted to know if it?s possible to auto decrypt a thunderbird
attachment passphrase protected. I?m trying to double click on it, but
Thunderbird gives me an error:

gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
gpg: decryption failed: bad key

Manually savin the attachment and decrypting in command line works fine.

Thanks in advance, Simon.

-- 
Sim?n Mu?oz
POQUER-RED
www.poquer-red.com
Email & Skype: simonvlc at gmail.com
Msn: hidrahyl at hotmail.com


From jmoore3rd at bellsouth.net  Thu Aug  6 04:54:15 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Thu, 06 Aug 2009 07:54:15 -0400
Subject: [Enigmail] Decrypt thunderbird attachment passphrase encrypted
In-Reply-To: <4A7AC1C2.1030208@gmail.com>
References: <4A7AC1C2.1030208@gmail.com>
Message-ID: <4A7AC467.10202@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

? wrote:
> Hi there,
> 
> just wanted to know if it?s possible to auto decrypt a thunderbird
> attachment passphrase protected. I?m trying to double click on it, but
> Thunderbird gives me an error:
> 
> gpg: CAST5 encrypted data
> gpg: encrypted with 1 passphrase
> gpg: decryption failed: bad key
> 
> Manually savin the attachment and decrypting in command line works fine.

Quick Answer = NO

Long Answer involves Enigmail only applying gpg.exe to the base message.
 Attachments are often encrypted separately and 'appear' to Enigmail as
separate issues.  If ease of decryption is important, perhaps
instruction to the Sender to employ PGP/MIME is in order.  Another
possible solution, since You are using Windows, might be to install
GPGshell [http://www.jumaros.de/rsoft/index.html] and then right click
on the encrypted Attachment and select 'Open'; but this will require
re-entering of the appropriate passphrase.

HTH

JOHN ;)
Timestamp: Thursday 06 Aug 2009, 07:53  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKesRkAAoJEBCGy9eAtCsPAhQH/3OHrp3+2HgLpvJHOy7RwvHc
dF4o5969kXwJYUlzL8/tKoiKuInCzEBjYrtl4rNlEyW8p2bAdisdMEswkBruLNOo
yXUJ8qk8AqeqAeyIz1js6XxUAbzlkyRP92PCqQoTHRNgVjc5TFD54XqXGjfQfvDC
3JL8xQABTCHZUj92XhRs7yoqmXb6PZQdn2jsbWqCbdYXKZhkK9fGjY84zol49Bq8
jQxgimRQIIW+CbTBkjMn3R2hATfl30Y1FDuQHwCI7EVHZTfOqPssqKxAepDq2d4/
aqZuNDTSCInmMBLo//i9JCNTn+KM+c3NOTmDwJlJ1htZbXBUiJBTE/wwPWMN3gw=
=Y8bT
-----END PGP SIGNATURE-----

From mlisten at hammernoch.net  Thu Aug  6 09:28:10 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Thu, 06 Aug 2009 18:28:10 +0200
Subject: [Enigmail] enigmail tb3 and macosx - Solved
In-Reply-To: <57eba2250908052044h2d29aa22see3ff9ac52158ab9@mail.gmail.com>
References: <1MXzcW-174IdM0@fwd09.aul.t-online.de>	<4A796A6A.4080508@hammernoch.net>
	<57eba2250908052044h2d29aa22see3ff9ac52158ab9@mail.gmail.com>
Message-ID: <4A7B049A.5090408@hammernoch.net>

Benjamin Reed wrote on 06.08.09 05:44:
> 2009/8/5 Ludwig H?gelsch?fer <mlisten at hammernoch.net>:
> 
>> Renaming the file omitting the ".zip" solves the problem.
> 
> Huh, wow.  I'd been limping along without enigmail working for a
> while; been meaning to open a bug but hadn't gotten to it yet.  This
> fixed it for me, too.  Thanks!

It was my fault not to place a .htaccess containing an AddType to set
the xpi extension to application/x-xpinstall in the download directory.
Thus the apache sent it as text/plain. Seems Safari 4 tries to be smart
and to analyze the downloaded file detecting a zip structure (xpi's are
zip archives) attaching a .zip extension after the .xpi.

As I practically never use Safari, I didn't notice this behaviour... I'm
also not quite sure what Safari 3 did. There were lots of downloads the
recent years using Safari, but nobody ever complained.

Glad that it works now!

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090806/f2a425af/attachment.bin>

From gustavo.zaera at freecode.no  Sat Aug  8 06:06:25 2009
From: gustavo.zaera at freecode.no (guStaVo ZaeRa)
Date: Sat, 08 Aug 2009 15:06:25 +0200
Subject: [Enigmail] Enigmail for Thunderbird 3 on 64 bit Linux
In-Reply-To: <4A1AD21E.5060104@FamilleCollet.com>
References: <4A1AD21E.5060104@FamilleCollet.com>
Message-ID: <4A7D7851.5010306@freecode.no>

Hello, Remi,

I don't know if you were successful in your compilation of enigmail for
thunderbird 3.0, but if you still need it, I have built an xpi here, ref.

https://social.zaera-holo.net/web/gustavo/blog/-/blogs/enigmail-for-thunderbird-3-0

cheers,
gustavo

-- 
guStaVo ZaeRa, Leveranse- og Kvalitetsansvarlig / Delivery and Quality manager
Cell: +47 - 473 44 007
Phone: +47 - 21 53 69 07, Fax: +47 - 21 53 69 09
Addr: Nydalsveien 30 B, 0484 Oslo
Web: www.freecode.no

Please avoid sending me Word or PowerPoint attachments. 

See http://www.gnu.org/philosophy/no-word-attachments.html


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090808/a59cf24b/attachment.bin>

From zhangweiwu at realss.com  Mon Aug 10 04:40:40 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Mon, 10 Aug 2009 19:40:40 +0800
Subject: [Enigmail] discuss a use case when user migrate away from Enigmail
Message-ID: <4A800738.9040505@realss.com>

Usually user could not migrate away from Enigmail while still use
thunderbird, because the historical emails are encrypted using enigmail
and there has to be a way to read them. At the moment the only way is to
keep enigmail and all its features.

This issue is discussed in
https://www.mozdev.org/bugs/show_bug.cgi?id=21369 and since I am
suggested to openly discuss the issue in mailing list here I am.

Migrating away from Enigmail is a topic definitely make me look like a
jerk in this mailing list, but it can happen to my users, twice, with
reasons. I mentioned in the bug report the last time it happen is
because the company want to exchange encrypted email with other users of
Outlook etc.

My suggestion is enigmail offer a smooth downgrade path to work in
read-only mode when user decide to quit. By read-only enigmail don't
offer UI control on compose window. I had to say I am asking this
feature for users, I myself have been using enigmail for 3 years and
probably going to use it for the next decade too.

John Clizbe wrote suggesting migrator could keep enigmail and simply not
using it:
> I agree that it's a policy/training issue, not a technical one. In my years of
> experience, I've found/noticed that technical solutions to "people problems"
> either rarely work, or work so poorly that they are soon abandoned.
>   
My opinion:

Really? I have /completely opposite/ experience. I guess it has
something to do with what role you play in company (programming or IT
management) and in software team (requirement analysis or coding). In
fact in business environment software is planned after people problems,
after all email is more of a people matter than a computer matter (ask
your colleague in non-IT department what comes to his mind when he think
of email, I bet it is not "server" or "user agent"). In more than 5
years of business we analyze user behavior, requirement of the issue and
possible response from departments, role each people interact with the
system before documenting software requirements. Those software planned
skipping stakeholder reaction / behavior / aspect usually works poorly
and soon abandoned. We try one design, and check how people think,
change a design, sketching them, review them, before implementing them.
I understand and experienced in open source mostly it was done the
opposite way, a.k.a. developer attacks the technical problem and create
the best thing fitting a problem solution, UI is sometimes directly made
without sketching, reviewing and discussion etc and wait for feedback
later after release.

Best regards
Zhang Weiwu

-- 
???????????????? Real Softservice

?????100089 ?????238? ????406b?
Beisihuan Zhong Road No. 238 Baiyan Building Unit 406B

Tel: +86 (10) 8231 8580
http://www.realss.com




From post at lespocky.de  Mon Aug 10 05:12:05 2009
From: post at lespocky.de (Alexander Dahl)
Date: Mon, 10 Aug 2009 14:12:05 +0200
Subject: [Enigmail] discuss a use case when user migrate away from
	Enigmail
In-Reply-To: <4A800738.9040505@realss.com>
References: <4A800738.9040505@realss.com>
Message-ID: <0MKsym-1MaTjX3j3v-000YFR@mrelayeu.kundenserver.de>

Hi,

> Usually user could not migrate away from Enigmail while still use
> thunderbird, because the historical emails are encrypted using enigmail
> and there has to be a way to read them. At the moment the only way is to
> keep enigmail and all its features.

Do you want to migrate from Thunderbird+Enigmail to Thunderbird only? I
ask because it's no problem to migrate to another MUA supporting OpenPGP
to read encrypted mail. In fact I'm using several different MUAs to read
my encrypted mail over IMAP (e.g. mutt or KMail) and this works
absolutely fine, because Enigmail is just a frontend for GnuPG which is
in fact doing the encryption.

> This issue is discussed in
> https://www.mozdev.org/bugs/show_bug.cgi?id=21369 and since I am
> suggested to openly discuss the issue in mailing list here I am.

I had a look at this. You are mixing up S/MIME and OpenPGP there. For
example you talk about some native PGP feature of thunderbird. There is
none and has never been. Please be careful at this! S/MIME is supported
out of the box by many mail clients including Thunderbird, Outlook and
Outlook Express. It's a completely different technology than
PGP/OpenPGP/GnuPG. Enigmail has nothing to do with S/MIME but is simply
a frontend for the latter one.

> Migrating away from Enigmail is a topic definitely make me look like a
> jerk in this mailing list, but it can happen to my users, twice, with
> reasons. I mentioned in the bug report the last time it happen is
> because the company want to exchange encrypted email with other users of
> Outlook etc.

Is saving an unencrypted copy of the mail before uninstalling Enigmail
an option for you?

> My suggestion is enigmail offer a smooth downgrade path to work in
> read-only mode when user decide to quit. By read-only enigmail don't
> offer UI control on compose window. I had to say I am asking this
> feature for users, I myself have been using enigmail for 3 years and
> probably going to use it for the next decade too.

You can customize your toolbar in compose window and simply drag out the
OpenPGP icon if you just want to avoid clicking on it by accident.

Greets
Alex

-- 
?With the first link, the chain is forged. The first speech censured,
the first thought forbidden, the first freedom denied, chains us all
irrevocably.? (Jean-Luc Picard, quoting Judge Aaron Satie)
*** GnuPG-FP: 02C8 A590 7FE5 CA5F 3601  D1D5 8FBA 7744 CC87 10D0 ***

From jmoore3rd at bellsouth.net  Mon Aug 10 05:15:18 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 10 Aug 2009 08:15:18 -0400
Subject: [Enigmail] discuss a use case when user migrate away from
	Enigmail
In-Reply-To: <4A800738.9040505@realss.com>
References: <4A800738.9040505@realss.com>
Message-ID: <4A800F56.4000409@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Zhang Weiwu wrote:
> Usually user could not migrate away from Enigmail while still use
> thunderbird, because the historical emails are encrypted using enigmail
> and there has to be a way to read them. At the moment the only way is to
> keep enigmail and all its features.

Nothing is encrypted any differently using Enigmail than would be by
using Command Line.  Even without Enigmail the historical Email can be
decrypted as long as the same Keys [Keyrings] were used.  Open an
encrypted Email without the presence of any decrypting mechanism and You
will be presented with the Full Encrypted Message.  It may be decrypted
using any GPG Frontend or from the Command Line.  Enigmail just does the
tedious command line functions in the background.
> 
> This issue is discussed in
> https://www.mozdev.org/bugs/show_bug.cgi?id=21369 and since I am
> suggested to openly discuss the issue in mailing list here I am.

Well, My reading of the Bug revolved more around the folks You work with
becoming confused when presented with both an S/MIME button and one
labeled OpenPGP'.  While both systems utilize the PKI infrastructure
there are a great many differences between the 2.

Also, there is no way Enigmail can be Off/Disabled and still 'work' when
an encrypted message is Opened.

> Migrating away from Enigmail is a topic definitely make me look like a
> jerk in this mailing list

Nonsense!  People migrate to & from Enigmail everyday.  If You wish to
cease using Enigmail but require help in detoxing We are more than happy
to help.

I'm still wondering why the workforce You do IT for cannot distinguish
one toolbar button from another.  :-\

JOHN ;)
Timestamp: Monday 10 Aug 2009, 08:14  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKgA9UAAoJEBCGy9eAtCsP06kH/1o7vGyuTC+SgguCbiER+iWl
O2Er1y1v8BleopWylmj7tlOgywRK/M/156x5R08By+Wu861OamJZhpz3LjXZmx/o
Nc9tMcxo1ysJ6zhN/RnzyywRPVy27VWYLbmq8os1evle/hjcJRxaEwihL0S0gibX
l5oiyRELSD77qNbfT5dVUyMYZAGwJMxbqflCwxBKbAFTrOTiJhsXYo8vUnilxROu
ieUpr4ZYBW/dcKP7V2U+5lH6RtYJhMvIku1vlgM132g+SM1BzfRxndF8zxeH/OLe
8uHcioQ2xRGlMGA9QnYCRmfy4Ym8YuLCZVrUJDmj5N7UtGl9VOnxctGQfYj6lak=
=p5Ss
-----END PGP SIGNATURE-----

From zhangweiwu at realss.com  Mon Aug 10 05:19:16 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Mon, 10 Aug 2009 20:19:16 +0800
Subject: [Enigmail] discuss a use case when user migrate away
	from	Enigmail
In-Reply-To: <0MKsym-1MaTjX3j3v-000YFR@mrelayeu.kundenserver.de>
References: <4A800738.9040505@realss.com>
	<0MKsym-1MaTjX3j3v-000YFR@mrelayeu.kundenserver.de>
Message-ID: <4A801044.5060704@realss.com>

Alexander Dahl wrote:
>
> I had a look at this. You are mixing up S/MIME and OpenPGP there. For
> example you talk about some native PGP feature of thunderbird. There is
> none and has never been. 
Hi. If the native supported S/MIME is not called PGP, then it is truly
me mixed it up, because IT support in other companies call their thing
that Outlook supports "PGP" so I think the S/MIME is the PGP thing they
talk about. But you can see I can tell S/MIME from OpenPGP so the
general discuss isn't affected.
> Is saving an unencrypted copy of the mail before uninstalling Enigmail
> an option for you?
>   
Yes.
>   
>> My suggestion is enigmail offer a smooth downgrade path to work in
>> read-only mode when user decide to quit. By read-only enigmail don't
>> offer UI control on compose window. I had to say I am asking this
>> feature for users, I myself have been using enigmail for 3 years and
>> probably going to use it for the next decade too.
>>     
>
> You can customize your toolbar in compose window and simply drag out the
> OpenPGP icon if you just want to avoid clicking on it by accident.
>   

You are right. In this case I hope in the beginning I didn't train user
to use the lower-right corner button.


From zhangweiwu at realss.com  Mon Aug 10 05:27:00 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Mon, 10 Aug 2009 20:27:00 +0800
Subject: [Enigmail] discuss a use case when user migrate away
	from	Enigmail
In-Reply-To: <4A800F56.4000409@bellsouth.net>
References: <4A800738.9040505@realss.com> <4A800F56.4000409@bellsouth.net>
Message-ID: <4A801214.9010000@realss.com>

John W. Moore III wrote:
> Zhang Weiwu wrote:
> > Usually user could not migrate away from Enigmail while still use
> > thunderbird, because the historical emails are encrypted using enigmail
> > and there has to be a way to read them. At the moment the only way is to
> > keep enigmail and all its features.
>
> Nothing is encrypted any differently using Enigmail than would be by
> using Command Line.  Even without Enigmail the historical Email can be
> decrypted as long as the same Keys [Keyrings] were used.  Open an
> encrypted Email without the presence of any decrypting mechanism and You
> will be presented with the Full Encrypted Message.  It may be decrypted
> using any GPG Frontend or from the Command Line.  Enigmail just does the
> tedious command line functions in the background.
Well if you read the discussion context, you understand I would rather
keep enigmail than training user commandline usage or another email
client. Whatever I train users must be supported by me, and my
colleagues too. Let me exaggerate a bit and give you this scenario:
'Zhang, you trained users use commandline gpg? It's your doing, now they
are asking what it means "command not found: GPG", and I am not
responsible for this, talk to our manager to add workflow for supporting
commandline users'.

>
> I'm still wondering why the workforce You do IT for cannot distinguish
> one toolbar button from another.  :-\

They can, somehow. It is not the case "you must do this otherwise how do
I do my job", it is the case "if you do this, it will make our work a
bit easier". In fact I am also writing for other poor admins who didn't
write to this list and hoping to see in general more adaptive product.

From jmoore3rd at bellsouth.net  Mon Aug 10 05:27:33 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 10 Aug 2009 08:27:33 -0400
Subject: [Enigmail] discuss a use case when user migrate
	away	from	Enigmail
In-Reply-To: <4A801044.5060704@realss.com>
References: <4A800738.9040505@realss.com>	<0MKsym-1MaTjX3j3v-000YFR@mrelayeu.kundenserver.de>
	<4A801044.5060704@realss.com>
Message-ID: <4A801235.2070607@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Zhang Weiwu wrote:
> Alexander Dahl wrote:
>>
>> I had a look at this. You are mixing up S/MIME and OpenPGP there. For
>> example you talk about some native PGP feature of thunderbird. There is
>> none and has never been. 
> Hi. If the native supported S/MIME is not called PGP, then it is truly
> me mixed it up, because IT support in other companies call their thing
> that Outlook supports "PGP" so I think the S/MIME is the PGP thing they
> talk about. But you can see I can tell S/MIME from OpenPGP so the
> general discuss isn't affected.

It is possible that what You heard referred to is the PGP Outlook
Plug-In available from PGP Corporation with a paid license.  If that's
the case then they did have a dedicated button for PGP _but_ such a
button would rarely be seen on most computers. [MUA's]

I haven't checked lately but there is a version of GnuPG called gpgol
which is supposed to incorporate into Outlook.  You may wish to research it.

JOHN ;)
Timestamp: Monday 10 Aug 2009, 08:27  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKgBIzAAoJEBCGy9eAtCsPFpwH/jzC21+xnESO0z9xDB8ApaA3
WUjz11DalJ9NBmqgaqE5y9WCE+Zb35ubwAUqUIo3PKfgg6fYG+jPQtSCPNciBk6T
BAWnfO6kVJxGk1oY5rLeWHel1YoRndrKCKT0olsOh3ggE9KM3NhxYPf32v4+h1l7
k9JTcP3yoD9jufopuFbSraVxnq1NeJMwqV5tYZzbDdQZGt0KM88P/3qs5oep48pu
QKmVWOLQi+GXKEWIyJvgFHB3Lyo9B3T2YKynbdF/GSPPrOTqCYk6tXlo6DKP1H1K
eHcKo52G4diwkG/6KXIKy/HjxTXAetfwDKunq4n/+UxG2jIrR445IcGjAKrjYDU=
=pciU
-----END PGP SIGNATURE-----

From zhangweiwu at realss.com  Mon Aug 10 05:39:11 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Mon, 10 Aug 2009 20:39:11 +0800
Subject: [Enigmail] discuss a use case when user migrate away
	from	Enigmail
In-Reply-To: <4A800F56.4000409@bellsouth.net>
References: <4A800738.9040505@realss.com> <4A800F56.4000409@bellsouth.net>
Message-ID: <4A8014EF.7000605@realss.com>

John W. Moore III wrote:
> Zhang Weiwu wrote:
> > Usually user could not migrate away from Enigmail while still use
> > thunderbird, because the historical emails are encrypted using enigmail
> > and there has to be a way to read them. At the moment the only way is to
> > keep enigmail and all its features.
>
> Nothing is encrypted any differently using Enigmail than would be by
> using Command Line.  Even without Enigmail the historical Email can be
> decrypted as long as the same Keys [Keyrings] were used.  Open an
> encrypted Email without the presence of any decrypting mechanism and You
> will be presented with the Full Encrypted Message.  It may be decrypted
> using any GPG Frontend or from the Command Line.  Enigmail just does the
> tedious command line functions in the background.

Sorry my first reply to you should I didn't get you accurately. Now I
see you suggest to use *anything* that can digest encrypted PGP text.
That means a lot more tools than commandline and even save it as .pgp
and de-crypt it in gnome nautilus. This trick should work. In fact I am
thinking it is even possible to write a separate software encrypting
text within gnome, e.g. as panel applet. That would be a separate
project with a more generic usage coverage.




From patrick at mozilla-enigmail.org  Mon Aug 10 06:16:35 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Mon, 10 Aug 2009 15:16:35 +0200
Subject: [Enigmail] discuss a use case when user migrate away from
	Enigmail
In-Reply-To: <4A800738.9040505@realss.com>
References: <4A800738.9040505@realss.com>
Message-ID: <4A801DB3.50707@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Zhang Weiwu wrote:
> Usually user could not migrate away from Enigmail while still use
> thunderbird, because the historical emails are encrypted using enigmail
> and there has to be a way to read them. At the moment the only way is to
> keep enigmail and all its features.
> 
> This issue is discussed in
> https://www.mozdev.org/bugs/show_bug.cgi?id=21369 and since I am
> suggested to openly discuss the issue in mailing list here I am.
> 
> Migrating away from Enigmail is a topic definitely make me look like a
> jerk in this mailing list, but it can happen to my users, twice, with
> reasons. I mentioned in the bug report the last time it happen is
> because the company want to exchange encrypted email with other users of
> Outlook etc.
> 
> My suggestion is enigmail offer a smooth downgrade path to work in
> read-only mode when user decide to quit. By read-only enigmail don't
> offer UI control on compose window. I had to say I am asking this
> feature for users, I myself have been using enigmail for 3 years and
> probably going to use it for the next decade too.

The problem is that unless you make sure that all encrypted mails are
decrypted once you move away from OpenPGP, you simply cannot abandon
OpenPGP (be it Enigmail or any other tool). Your solution is to offer a
read-only version of Enigmail. However, this is just a workaround to
block people from using Enigmail (not gpg). It does not solve the
problem that some people might under some restrictions still want or
need to use OpenPGP. Therefore I'd suggest that you look at it from a
different point of view.

You want to make sure that your employees don't send OpenPGP-emails
anymore. This is only of relevance for Enigmail as long as you use
Thunderbird; if your company chooses one day to switch to e.g. Outlook,
all solutions in Enigmail are useless. Therefore you should:

* 1st and foremost, revoke all keys and make sure people import the
revoked keys. That's the most secure (and I think also the only correct)
way to ensure that your OpenPGP infrastructure is read-only.

* In the Account Setting, disable support for OpenPGP for all relevant
identities. This way, if someone accidentally clicks on one of the
OpenPGP icons, he'll be asked to set up his account for OpenPGP and
cannot send signed/encrypted emails before doing so.

* Hide the Enigmail icon from the toolbar.

* And finally (I don't even think that this is really needed given the
above) define a per-recipient rule that makes sure no email is OpenPGP
signed or encrypted.

Given all of the options above, I really don't think that a special
"read-only" mode of Enigmail is needed or desired.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSoAdsncOpHodsOiwAQgiFwf+Iydc6mgQ7FpuM70IefWoCzVBcUoxcEo4
qAlMTUy+XQKkFOnq+KtPKvyMAJI2IexG3X+fHkZwgmpLWDFHApfDc0FPj7BcPFDd
V5QGFDbEEn3RI3LJwGFidkX6sSVlu2ylVwlMdnNQ6jf7EwxLxfc6KGutqt1BXm3p
06vnZ2CBfGodIOlmjKkqpN23PxYtZdVJ0T6+/jNksqrJxxpAy77q5i3pC4S3nGyd
/QMXHwBq/UOuVMRhGwTEuVkH7GrUDaybAvixxIbg5wULly2z4qDfWziIaKl33r1x
H440x33KsBXhcinn+yK27D0E9LjRo6KhnpUjrcXXje1/FOpNoKOb+Q==
=GDMl
-----END PGP SIGNATURE-----

From zhangweiwu at realss.com  Mon Aug 10 22:55:42 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Tue, 11 Aug 2009 13:55:42 +0800
Subject: [Enigmail] how to remove pre-recipient rule?
Message-ID: <4A8107DE.8030708@realss.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello.

for testing purpose I configured pre-recipient rule by right click an
email address and select "Create openPGP rule from address". Later I
couldn't remove it.

I think there must be a rule editor somewhere on openPGP menu (in
compose window or in view message window) or account setting or
preferences where I can do this. No, all these places are searched. I
am using enigmail 0.95.0.

I also tried to remove rule from config editor by searching for keys
containing "enigmail" without luck.

Best regards
Zhang Weiwu

- --
???????????????? Real Softservice

?????100089 ?????238? ????406b?
Beisihuan Zhong Road No. 238 Baiyan Building Unit 406B

Tel: +86 (10) 8231 8580
http://www.realss.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkqBB94ACgkQaCpdSq8uCcFITwCgq/rGLnQ4HokWELMpRA3zSzIC
9o0An1ujbQIcgFGuYXqgPTnJlKLYFvcG
=gVRk
-----END PGP SIGNATURE-----


From patrick at mozilla-enigmail.org  Tue Aug 11 00:05:34 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Tue, 11 Aug 2009 09:05:34 +0200
Subject: [Enigmail] how to remove pre-recipient rule?
In-Reply-To: <4A8107DE.8030708@realss.com>
References: <4A8107DE.8030708@realss.com>
Message-ID: <4A81183E.3080800@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Zhang Weiwu wrote:
> Hello.
> 
> for testing purpose I configured pre-recipient rule by right click an
> email address and select "Create openPGP rule from address". Later I
> couldn't remove it.
> 
> I think there must be a rule editor somewhere on openPGP menu (in
> compose window or in view message window) or account setting or
> preferences where I can do this. No, all these places are searched. I
> am using enigmail 0.95.0.
> 
> I also tried to remove rule from config editor by searching for keys
> containing "enigmail" without luck.


Menu OpenPGP > Edit Per-Recipient Rules.

If you don't see the menu entry, open the OpenPGP Preferences and click
on "Display Expert Settings".

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSoEYPXcOpHodsOiwAQhoZwf9HVROr7Aa9WeNB6CVN8kZDAax87Q16wN3
YVDdTrBIfTg4ivsaQSQPyH5fBGSc0L3dKJWqXRWrTY9ntphWKpdqEogKYoGSRZdT
SbrV84fQBjh5SVPHfjRyQO4ITUxfRqXB9lTspw+JmkM3d3rq2MpPQ4YQEj2pMJ2o
Co4SzI3KBz2jVrEHD+ztuk1DQPZroDpl/15i31EJJg9y/4rcEp1Enw3u7FGFKu29
q4iHVt4voqtYRmbl0JmIOBh9V/teHHo/dvQuEv2wMzyLAMIjl+JQbn/R8AQYp08P
pvLEAoUaqQqWedp+86rcq5Xv0N2DY1mX8gHksIsIm2lmeCIsWMWR1A==
=J678
-----END PGP SIGNATURE-----

From zhangweiwu at realss.com  Tue Aug 11 00:08:27 2009
From: zhangweiwu at realss.com (Zhang Weiwu)
Date: Tue, 11 Aug 2009 15:08:27 +0800
Subject: [Enigmail] how to remove pre-recipient rule?
In-Reply-To: <4A81183E.3080800@mozilla-enigmail.org>
References: <4A8107DE.8030708@realss.com>
	<4A81183E.3080800@mozilla-enigmail.org>
Message-ID: <4A8118EB.5070605@realss.com>

Patrick Brunschwig wrote:
>
> If you don't see the menu entry, open the OpenPGP Preferences and click
> on "Display Expert Settings".
>
> -Patrick
Thanks. It is there.

From o.e.ekker at gmail.com  Tue Aug 11 05:53:45 2009
From: o.e.ekker at gmail.com (Onno Ekker)
Date: Tue, 11 Aug 2009 14:53:45 +0200
Subject: [Enigmail] Extra expanded headers
Message-ID: <4A8169D9.9090606@gmail.com>

Hi,

In Thunderbird 3 I get to see extra expanded headers like 
content-transfer-encoding. This is most probably due to the following 
setting:
user_pref("mailnews.headers.extraExpandedHeaders", "x-enigmail-version 
content-transfer-encoding openpgp x-mimeole x-bugzilla-reason x-php-bug");

I cannot find anything in Enigmail docs about this setting, only about 
pref mail.show_headers and extensions.enigmail.show_headers. The last 
preference isn't set for me, so I presume this one has been superseded 
by mailnews.headers.extraExpandedHeaders.

Can anyone confirm this setting is used by Enigmail and which headers 
should be expanded in order for Enigmail to work?
And maybe update the documentation under User preferences on 
http://enigmail.mozdev.org/documentation/userprefs.php

Onno

From jmoore3rd at bellsouth.net  Tue Aug 11 08:14:18 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 11 Aug 2009 11:14:18 -0400
Subject: [Enigmail] Extra expanded headers
In-Reply-To: <4A8169D9.9090606@gmail.com>
References: <4A8169D9.9090606@gmail.com>
Message-ID: <4A818ACA.50506@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Onno Ekker wrote:

> Can anyone confirm this setting is used by Enigmail and which headers
> should be expanded in order for Enigmail to work?
> And maybe update the documentation under User preferences on
> http://enigmail.mozdev.org/documentation/userprefs.php

Enigmail doesn't require that any Headers be 'Open' or visible.  The
huge 'Expanded Header' view in Thunderbird 3 is a hotly debated topic on
their Developer List.  I have in My possession an Extension that will
'compact' the large Header View in T-Bird 3.  Contact Me direct if You
would like Me to forward it to You.  I stumbled across it while reading
the Tb3 Forums and can't remember precisely what the specific URL is.  :-\

JOHN ;)
Timestamp: Tuesday 11 Aug 2009, 11:14  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKgYrJAAoJEBCGy9eAtCsPAy4IAJR/4i53eHnDnMyMTJynJhO7
cfIHTs0KW8hc2/lx1QmGv4uRGxiQb+uvV1DkyOU++LCTEOu7lBR67su4+wOszJUz
jZWWUtkcmCTVX8C4PPed0FnWPYFuM1DHH+bDxSo+9vhuF0P0S8B5v72qdYLV334E
9pMUcxlzcrIBm42SK6e9+pVMmqTW95GNjA6TFIRbZWUkpICJCO9Hs9ijaT8kpzUd
oasVvG9JjuTAue2NzuIUJfejbK2xrqVkso/XmaJAt1Xy2Kkry6tsdMbQl6wa31zW
wlsxs6I0LpoR6kdiRBRYM8JeXL+LfUILBxKT5p69GoPfusTwDsuH9LTWvpbCkl8=
=UE7f
-----END PGP SIGNATURE-----

From myself at alexander-bock.eu  Tue Aug 11 09:48:09 2009
From: myself at alexander-bock.eu (Alexander Bock)
Date: Tue, 11 Aug 2009 18:48:09 +0200
Subject: [Enigmail] Postbox support
Message-ID: <6B38CBED-6DDF-4C22-B949-2218879FB2BA@alexander-bock.eu>

Hello there,

I was wondering if support for Postbox is planned. I searched the  
forum and the list archives for "postbox" but I couldn't find an  
answer. Can you tell me?

Regards, Alex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 195 bytes
Desc: Signierter Teil der Nachricht
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090811/42254544/attachment.bin>

From John at Mozilla-Enigmail.org  Tue Aug 11 13:38:32 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Tue, 11 Aug 2009 15:38:32 -0500
Subject: [Enigmail] Postbox support
In-Reply-To: <6B38CBED-6DDF-4C22-B949-2218879FB2BA@alexander-bock.eu>
References: <6B38CBED-6DDF-4C22-B949-2218879FB2BA@alexander-bock.eu>
Message-ID: <4A81D6C8.2020408@Mozilla-Enigmail.org>

Alexander Bock wrote:
> Hello there,
> 
> I was wondering if support for Postbox is planned. I searched the  
> forum and the list archives for "postbox" but I couldn't find an  
> answer. Can you tell me?

https://www.mozdev.org/bugs/show_bug.cgi?id=21195


-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090811/b5bfe289/attachment.bin>

From Andreas.Fenner at thalesgroup.com  Wed Aug 12 01:43:01 2009
From: Andreas.Fenner at thalesgroup.com (Andreas Fenner)
Date: Wed, 12 Aug 2009 10:43:01 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
Message-ID: <4A828095.8050401@thalesgroup.com>

Hi,

does anybody know if a build is in the pipeline for SeaMonkey 2.*?

I offer myself as a tester *g*

Andreas

From John at Mozilla-Enigmail.org  Wed Aug 12 02:57:59 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Wed, 12 Aug 2009 04:57:59 -0500
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4A828095.8050401@thalesgroup.com>
References: <4A828095.8050401@thalesgroup.com>
Message-ID: <4A829227.80800@Mozilla-Enigmail.org>

Andreas Fenner wrote:
> Hi,
> 
> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
> 
> I offer myself as a tester *g*

Have you tried the nightly Enigmail trunk builds?

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/7b6d70b8/attachment.bin>

From funktioniert_trotz_SPAM at nurfuerspam.de  Wed Aug 12 03:34:03 2009
From: funktioniert_trotz_SPAM at nurfuerspam.de (Tobias Fischer)
Date: Wed, 12 Aug 2009 12:34:03 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <mailman.2052.1250071103.63231.enigmail@mozdev.org>
References: <4A828095.8050401@thalesgroup.com>
	<mailman.2052.1250071103.63231.enigmail@mozdev.org>
Message-ID: <h5u5qt$2kvq$1@mozdev.mozdev.org>

On 12.08.2009 11:57, John Clizbe wrote:
> Andreas Fenner wrote:
>> Hi,
>> 
>> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
>> 
>> I offer myself as a tester *g*
> 
> Have you tried the nightly Enigmail trunk builds?
> 
Unfortunately the current Enigmail Nightly-Builds were not working with
SeaMonkey caused by an API-Change Thunderbird has made, and SeaMonkey
not (yet).

Its a real mess, that there are no Enigmail-Builds available for
SeaMonkey, when the SM 2.0 Beta 1 is released.

I have got an Enigmail-Nightly-Build for Win32 from before the
API-Change, this works fine for me with SM 2.0b2pre and 2.0b1 too.

If you (Andreas) like, I can send this 2009-06-15 Build via E-Mail to
you. Please reply here, I don't read my E-Mail often.


Tobias

From Andreas.Fenner at thalesgroup.com  Wed Aug 12 04:53:15 2009
From: Andreas.Fenner at thalesgroup.com (Andreas Fenner)
Date: Wed, 12 Aug 2009 13:53:15 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <h5u5qt$2kvq$1@mozdev.mozdev.org>
References: <4A828095.8050401@thalesgroup.com>	<mailman.2052.1250071103.63231.enigmail@mozdev.org>
	<h5u5qt$2kvq$1@mozdev.mozdev.org>
Message-ID: <4A82AD2B.3030400@thalesgroup.com>

Am 12.8.2009 12:34 schrieb Tobias Fischer:

> I have got an Enigmail-Nightly-Build for Win32 from before the
> API-Change, this works fine for me with SM 2.0b2pre and 2.0b1 too.
> 
> If you (Andreas) like, I can send this 2009-06-15 Build via E-Mail to
> you. Please reply here, I don't read my E-Mail often.


That would be nice. Please send me this build. I will try it.

Do you, or anybody else, know if it is planned to implement the
API-change from TB to SM 2.0 (final) too?


Best regards / Mit freundlichen Gr??en,
Andreas Fenner
-- 
---------------------------------------+-------------------------------
Thales Rail Signalling Solutions GmbH  |
Dept. TS/ESP-2                         |
Lorenzstrasse 10                       |  phone: +49 711 869-49823
D-70435 Stuttgart                      |  fax:   +49 711 869-46598
---------------------------------------+-------------------------------
Sitz der Gesellschaft/Domicile of the Company: Stuttgart
Amtsgericht/District Court: Stuttgart HRB 720908
Gesch?ftsf?hrer/Managing Directors:
Hans Leibbrand (Vorsitzender/Chairman), Manfred Riedinger
-----------------------------------------------------------------------

From jmoore3rd at bellsouth.net  Wed Aug 12 05:09:40 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Wed, 12 Aug 2009 08:09:40 -0400
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4A828095.8050401@thalesgroup.com>
References: <4A828095.8050401@thalesgroup.com>
Message-ID: <4A82B104.7090508@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Andreas Fenner wrote:
> Hi,
> 
> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
> 
> I offer myself as a tester *g*

The Enigmail Nightly Build's should work just fine on SeaMonkey 2.

http://enigmail.mozdev.org/download/nightly.php

JOHN ;)
Timestamp: Wednesday 12 Aug 2009, 08:09  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5068: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKgrECAAoJEBCGy9eAtCsP+9EH/RUrPkS1Qf9wxgSNj7o4kv9r
IKk/4i4TMYUbZtBMsh18+1DfLdF1Lg7eeJmDVZb64d4Z27mdp4F9W+VKKUMAmHQr
T0sx7j+yMpWULPxTdXMCPZUQp/Zvf9atsUXenJYvdb1pH2Eo1kr0I0cndTCjn+y6
oTrzSkxTLLIdT1L9D7nRMAX9f/Pgm9xa641ut8pYAL5kXB4kvn/Or4CYosEDRApM
dGbw8pZxuYLLp/AJ2f0bc4vszGAf91+0UULDnMnrfN33NR38S9bhfrVM0Q2rRFSS
hvdcCqFbpd0EG6Syxv2dk6Scjr+0uEZLFKaNMBew2tYHJanWfTXjj+JyBVHhgtg=
=xbnj
-----END PGP SIGNATURE-----

From Andreas.Fenner at thalesgroup.com  Wed Aug 12 05:46:50 2009
From: Andreas.Fenner at thalesgroup.com (Andreas Fenner)
Date: Wed, 12 Aug 2009 14:46:50 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4A82B104.7090508@bellsouth.net>
References: <4A828095.8050401@thalesgroup.com> <4A82B104.7090508@bellsouth.net>
Message-ID: <4A82B9BA.8020602@thalesgroup.com>

Am 12.8.2009 14:09 schrieb John W. Moore III:
> Andreas Fenner wrote:
>> Hi,
> 
>> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
> 
>> I offer myself as a tester *g*
> 
> The Enigmail Nightly Build's should work just fine on SeaMonkey 2.
> 
> http://enigmail.mozdev.org/download/nightly.php


I tried this - it did not show the decrypted/verifyed Mails. Only the
normal plain text :-(

I will try the older version of Tobias when it arrived me *g*

Andreas


_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail


From funktioniert_trotz_SPAM at nurfuerspam.de  Wed Aug 12 06:39:28 2009
From: funktioniert_trotz_SPAM at nurfuerspam.de (Tobias Fischer)
Date: Wed, 12 Aug 2009 15:39:28 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <mailman.2056.1250081218.63231.enigmail@mozdev.org>
References: <4A828095.8050401@thalesgroup.com> <4A82B104.7090508@bellsouth.net>
	<mailman.2056.1250081218.63231.enigmail@mozdev.org>
Message-ID: <h5ugmi$l2u$1@mozdev.mozdev.org>

On 12.08.2009 14:46, Andreas Fenner wrote:
> Am 12.8.2009 14:09 schrieb John W. Moore III:
>> Andreas Fenner wrote:
>>> Hi,
>> 
>>> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
>> 
>>> I offer myself as a tester *g*
>> 
>> The Enigmail Nightly Build's should work just fine on SeaMonkey 2.
>> 
>> http://enigmail.mozdev.org/download/nightly.php
> 
> 
> I tried this - it did not show the decrypted/verifyed Mails. Only the
> normal plain text :-(
> 
> I will try the older version of Tobias when it arrived me *g*

Have sent the File to you E-Mail Address now, sorry for the delay.

And sure, the current Enigmail Nightly-Builds won't work with SeaMonkey
2.0x. This was also described on the Nightly-Download-Page.

And no, I don't know, when or if SeaMonkey will pick up TBs API-Changes.


Tobias

From simon at formoda.co.uk  Wed Aug 12 06:53:14 2009
From: simon at formoda.co.uk (Simon Dolley - Formoda)
Date: Wed, 12 Aug 2009 14:53:14 +0100
Subject: [Enigmail] User ID with or without email address
Message-ID: <4A82C94A.8050505@formoda.co.uk>

An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/854c0d4e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: line-1.gif
Type: image/gif
Size: 49 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/854c0d4e/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: formoda-logo.gif
Type: image/gif
Size: 1052 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/854c0d4e/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: line-2.gif
Type: image/gif
Size: 49 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/854c0d4e/attachment-0002.gif>

From shavital at mac.com  Wed Aug 12 07:33:55 2009
From: shavital at mac.com (Charly Avital)
Date: Wed, 12 Aug 2009 10:33:55 -0400
Subject: [Enigmail] User ID with or without email address
In-Reply-To: <4A82C94A.8050505@formoda.co.uk>
References: <4A82C94A.8050505@formoda.co.uk>
Message-ID: <4A82D2D3.1060509@mac.com>

Simon Dolley - Formoda wrote the following on 8/12/09 9:53 AM:
[...]
> So I generated a key in GNUPGP and imported into Enigmail but now when I
> try and sign the mail it can't find it because it is not attached to an
> account.
> How can I do this?
> Simon

Try:

OpenPGP Preferences/Key Selection/By pre-set Rules only

OpenPGP Preferences/Edit Per-recipient Rules>Edit rule to use the key
you have imported that does not bear an email address.

Charly

From l.dobrev at gmail.com  Wed Aug 12 07:59:00 2009
From: l.dobrev at gmail.com (Lachezar Dobrev)
Date: Wed, 12 Aug 2009 17:59:00 +0300
Subject: [Enigmail] User ID with or without email address
In-Reply-To: <4A82C94A.8050505@formoda.co.uk>
References: <4A82C94A.8050505@formoda.co.uk>
Message-ID: <90266c3f0908120759y212855fah35d8931e7d907e8b@mail.gmail.com>

  You can use an alternative identity for your e-mail account.
  For this alternative identity in the OpenPGP tab you can choose 'Use
specific OpenPGP key ID'

  After that when composing mail choose the right identity from the
combo box on top.

2009/8/12 Simon Dolley - Formoda <simon at formoda.co.uk>:
> I need to sign emails using PGP to send to Nominet. They require the user ID
> to have no email address. I tried to generate a key using Enigmail in
> Thunderbird but you have to associate with a a user account (and therefore
> include an email address) - which Nominet don't accept.
>
> So I generated a key in GNUPGP and imported into Enigmail but now when I try
> and sign the mail it can't find it because it is not attached to an account.
>
> How can I do this?
>
> Simon
> --
>
> Simon Dolley
> Managing Director
>
> T: 08450 510 366 | M: 07800 556 909 | E: simon at formoda.co.uk | W:
> www.formoda.co.uk
> Formoda Ltd | Rosebank | Coombeshead Road | Highweek | Newton Abbot | TQ12
> 1PY
>
>
>
>
>
> This email is intended only for the addressee named above. As this email may
> contain confidential or privileged information if you are not, or suspect
> that you are not, the named addressee or the person responsible for
> delivering the message to the named addressee, please contact us
> immediately. Please note that we cannot guarantee that this message or any
> attachment is virus free or has not been intercepted and amended. The views
> of the author may not necessarily reflect those of Formoda Ltd.
>
>
> Copyright ? 2007 Formoda Ltd. All Rights Reserved.
> Designated trademarks and brands are the property of their respective
> owners.
> Formoda and the Formoda logo are trademarks of Formoda Ltd. So there.
>
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail
>
>

From jmoore3rd at bellsouth.net  Wed Aug 12 07:59:35 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Wed, 12 Aug 2009 10:59:35 -0400
Subject: [Enigmail] User ID with or without email address
In-Reply-To: <4A82C94A.8050505@formoda.co.uk>
References: <4A82C94A.8050505@formoda.co.uk>
Message-ID: <4A82D8D7.5040803@bellsouth.net>

An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090812/dd632207/attachment.html>

From Andreas.Fenner at thalesgroup.com  Thu Aug 13 04:56:34 2009
From: Andreas.Fenner at thalesgroup.com (Andreas Fenner)
Date: Thu, 13 Aug 2009 13:56:34 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <h5u5qt$2kvq$1@mozdev.mozdev.org>
References: <4A828095.8050401@thalesgroup.com>	<mailman.2052.1250071103.63231.enigmail@mozdev.org>
	<h5u5qt$2kvq$1@mozdev.mozdev.org>
Message-ID: <4A83FF72.8000908@thalesgroup.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

thanks to Tobias - with "Enigmail version 0.96a (20090615-0643)"
(enigmail-trunk-tb-win32-trunk20090615.xpi) it is working now.


Andreas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqD/3IACgkQmxsLTgRoLtz4xgCdFajXM1G3wJewcOcBw3olmiKm
CpAAoI0PXb3bgd6DvOZ6pGW0K0+wh2kR
=B+B+
-----END PGP SIGNATURE-----

From dgboles at gmail.com  Fri Aug 14 01:38:42 2009
From: dgboles at gmail.com (David Boles)
Date: Fri, 14 Aug 2009 04:38:42 -0400
Subject: [Enigmail] Can not remove a key
Message-ID: <4A852292.1040902@gmail.com>

Windows x86_64 Vista

Thunderbird 3.0 beta 3

Enigmail nightly build downloaded and installed 08/14/2009

I have a public key in my key ring that has expired on 08/07/2009. Going
through the motions to remove the key Enigmail will prompt the delete
request with a 'confirm' popup window. Selecting the delete button in
that popup window causes a second popup window that says "the key could
not be deleted".

Ideas?
-- 


  David

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090814/af04838d/attachment.bin>

From ldc at lrcressy.com  Fri Aug 14 05:51:08 2009
From: ldc at lrcressy.com (LeRoy)
Date: Fri, 14 Aug 2009 08:51:08 -0400
Subject: [Enigmail] Can not remove a key
In-Reply-To: <4A852292.1040902@gmail.com>
References: <4A852292.1040902@gmail.com>
Message-ID: <4A855DBC.9050103@lrcressy.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Boles wrote:
> Windows x86_64 Vista
> 
> Thunderbird 3.0 beta 3
> 
> Enigmail nightly build downloaded and installed 08/14/2009
> 
> I have a public key in my key ring that has expired on 08/07/2009. Going
> through the motions to remove the key Enigmail will prompt the delete
> request with a 'confirm' popup window. Selecting the delete button in
> that popup window causes a second popup window that says "the key could
> not be deleted".
> 
> Ideas?
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail
gpg --delete-keys keyID

- --
 Rev. LeRoy D. Cressy  mailto:leroy at lrcressy.com   /\_/\
                       http://lrcressy.com        ( o.o )
                       Phone:  215-535-4037        > ^ <
		       Cell:   267-307-3527

gpg fingerprint:  62DE 6CAB CEE1 B1B3 359A  81D8 3FEF E6DA 8501 AFEA

For info on enigmail:    http://lrcressy.com/linux/mozilla.pdf
For info on gpg:         http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBSoVdvKuxGqN1iGbbAQI4mgf9EpcD2Nem8Ovs9uH00mLblXELPhokprFv
dbNbDtOGIlpLIwK4p7ZhtCsljvVnsCy2b/0+auqv0rs80CsR0qj9xHqOuxFK4BnF
fx0NQqXDWt9EIB0AJtOJM9vA5xDZPZnq5IprPdVR/6mvO7a6Y0wowzXvF3Jofcv9
SX4spF5VD0Fhh79vSGo9SCS+FUA3P38UCs1M31GutwUVtYiO/bq47wLn2qnCeGH3
1NAOl63a/Pt74uxkFmRQREN384V/VD2FoeVF/+6n3VKeCffiyH1Y+CRMOZbPilDZ
L6WjhQH2MTjVv3Jhq4sMYSu3MXlQ4dopa3T3wnhvOgvbWxGr2hA28w==
=pbmN
-----END PGP SIGNATURE-----

From dgboles at comcast.net  Fri Aug 14 09:19:03 2009
From: dgboles at comcast.net (David Boles)
Date: Fri, 14 Aug 2009 12:19:03 -0400
Subject: [Enigmail] Can not remove a key
In-Reply-To: <4A855DBC.9050103@lrcressy.com>
References: <4A852292.1040902@gmail.com> <4A855DBC.9050103@lrcressy.com>
Message-ID: <4A858E77.8000407@comcast.net>

On 8/14/2009 8:51 AM, LeRoy wrote:
> David Boles wrote:
>> Windows x86_64 Vista
> 
>> Thunderbird 3.0 beta 3
> 
>> Enigmail nightly build downloaded and installed 08/14/2009
> 
>> I have a public key in my key ring that has expired on 08/07/2009. Going
>> through the motions to remove the key Enigmail will prompt the delete
>> request with a 'confirm' popup window. Selecting the delete button in
>> that popup window causes a second popup window that says "the key could
>> not be deleted".
> 
>> Ideas?



> gpg --delete-keys keyID


Thank you. That indeed worked as it should.

I wonder if that is a reportable bug in Enigmail?

-- 


  David

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090814/157f86bc/attachment.bin>

From alexanderbertram at live.com  Sun Aug 16 09:33:09 2009
From: alexanderbertram at live.com (Alexander Bertram)
Date: Sun, 16 Aug 2009 18:33:09 +0200
Subject: [Enigmail] Enigmail and OpenPGP Smartcard
Message-ID: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>

Hi there!

I use Thunderbird and Enigmail in an Mac OS X Environment. My Smartcard
Reader works fine with Mac OS and the "Manage Smartcard"-Tool of Enigmail
can access my Smartcard.

A few months ago I created a key pair on my OpenPGP Smartcard with
GnuPG4Win.

Unfortunately, I don't know how to sign a Mail, using the Private Key on my
Smartcard. If I try do sign and send a mail, the message "Cannot find
Private Key" appears.

What is the procedure to sign a mail with a Private Key, stored on a
Smartcard?

I appreciate for any help!

Alex
...........................................................................................................................
Viele Gr??e / Com os meus melhores cumprimentos / Kind Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090816/d66b4a90/attachment.html>

From shavital at mac.com  Sun Aug 16 11:30:45 2009
From: shavital at mac.com (Charly Avital)
Date: Sun, 16 Aug 2009 14:30:45 -0400
Subject: [Enigmail] Enigmail and OpenPGP Smartcard
In-Reply-To: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
References: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
Message-ID: <4A885055.2060403@mac.com>

Alexander Bertram wrote the following on 8/16/09 12:33 PM:
> Hi there!
> 
> I use Thunderbird and Enigmail in an Mac OS X Environment. My Smartcard
> Reader works fine with Mac OS and the "Manage Smartcard"-Tool of
> Enigmail can access my Smartcard.
> 
> A few months ago I created a key pair on my OpenPGP Smartcard with
> GnuPG4Win.
> 
> Unfortunately, I don't know how to sign a Mail, using the Private Key on
> my Smartcard. If I try do sign and send a mail, the message "Cannot find
> Private Key" appears.
> 
> What is the procedure to sign a mail with a Private Key, stored on a
> Smartcard?
> 
> I appreciate for any help!
>  
> Alex

In the account's settings you have to select the key (you generated
under GnuPG4Win) as the key for this identity:

Tools/Account Settings.../OpenPGP Security/:
- enable (mark) the small square button 'Enable OpenPGP support
(Enigmail) for this identity'
- select the round button 'Use specific OpenPGP Key ID ....', then click
the rectangular button named 'Select key', this should invoke the list
of your keyring, where you should select the key you want to use, click
OK, and ascertain that the proper Key ID now shows in the field at the
left of that rectangular button.

Hope this helps.
Charly
MacOS 10.5.8-MacBook Intel C2Duo 2GHz-GnuPG 1.4.10rc1-MacGPG 2.0.12
TB 2.0.0.22+EM 0.96.0-Apple's Mail+GPGMail 1.2.0 (v56), Key: 0xA57A8EFA

From ludovic at mozillamessaging.com  Sun Aug 16 14:04:51 2009
From: ludovic at mozillamessaging.com (Ludovic Hirlimann)
Date: Sun, 16 Aug 2009 23:04:51 +0200
Subject: [Enigmail] Enigmail and OpenPGP Smartcard
In-Reply-To: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
References: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
Message-ID: <4A887473.9060808@mozillamessaging.com>

On 8/16/09 6:33 PM, Alexander Bertram wrote:
> Hi there!
>
> I use Thunderbird and Enigmail in an Mac OS X Environment. My
> Smartcard Reader works fine with Mac OS and the "Manage
> Smartcard"-Tool of Enigmail can access my Smartcard.
Can you point out which one you use, I'm interested in such setup.

ludo

-- 
Ludovic Hirlimann MozillaMessaging QA lead
http://www.spreadthunderbird.com/aff/79/2


From John at Mozilla-Enigmail.org  Sun Aug 16 15:26:50 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Sun, 16 Aug 2009 17:26:50 -0500
Subject: [Enigmail] Enigmail and OpenPGP Smartcard
In-Reply-To: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
References: <b169ee440908160933k590bb35bl94d5f2103ffc9fdd@mail.gmail.com>
Message-ID: <4A8887AA.6040002@Mozilla-Enigmail.org>

Alexander Bertram wrote:
> Hi there!
> 
> I use Thunderbird and Enigmail in an Mac OS X Environment. My Smartcard
> Reader works fine with Mac OS and the "Manage Smartcard"-Tool of
> Enigmail can access my Smartcard.
> 
> A few months ago I created a key pair on my OpenPGP Smartcard with
> GnuPG4Win.

OK, so it was generated on a Windows system.

> Unfortunately, I don't know how to sign a Mail, using the Private Key on
> my Smartcard. If I try do sign and send a mail, the message "Cannot find
> Private Key" appears.

Because the copy of GnuPG on your Mac doesn't know to look on the OpenPGPcard
for the secret key. See below.

> What is the procedure to sign a mail with a Private Key, stored on a
> Smartcard?

When GnuPG generates keys on a smartcard, it generates a stub secret key to
store in the secret keyring letting it know that the key material for /that/ key
is stored on a smartcard.

You need to access the windows keyring present when you generated the smartcard
keys and export the secret key from that and import it to your Mac OS
environment or just as easily, import the full keyring files: secring.gpg and
pubring.gpg.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 663 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090816/3b1ff787/attachment.bin>

From ldc at lrcressy.com  Tue Aug 18 05:44:29 2009
From: ldc at lrcressy.com (LeRoy)
Date: Tue, 18 Aug 2009 08:44:29 -0400
Subject: [Enigmail] Can not remove a key
In-Reply-To: <4A858E77.8000407@comcast.net>
References: <4A852292.1040902@gmail.com> <4A855DBC.9050103@lrcressy.com>
	<4A858E77.8000407@comcast.net>
Message-ID: <4A8AA22D.9040107@lrcressy.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Boles wrote:
> On 8/14/2009 8:51 AM, LeRoy wrote:
>> David Boles wrote:
>>> Windows x86_64 Vista
>>> Thunderbird 3.0 beta 3
>>> Enigmail nightly build downloaded and installed 08/14/2009
>>> I have a public key in my key ring that has expired on 08/07/2009. Going
>>> through the motions to remove the key Enigmail will prompt the delete
>>> request with a 'confirm' popup window. Selecting the delete button in
>>> that popup window causes a second popup window that says "the key could
>>> not be deleted".
>>> Ideas?
> 
> 
> 
>> gpg --delete-keys keyID
> 
> 
> Thank you. That indeed worked as it should.
> 
> I wonder if that is a reportable bug in Enigmail?
> 

I have not used Enigmail for my key management, but I looked at the
OpenPGP button and I saw the key management option.  If I was you I
would report it as a bug.  Do you know what was preventing the removal
of the key in the first place?

Was the problem just with one key or was it with all keys or some keys?

All of this can go into the bug report


- --
 Rev. LeRoy D. Cressy  mailto:leroy at lrcressy.com   /\_/\
                       http://lrcressy.com        ( o.o )
                       Phone:  215-535-4037        > ^ <
		       Cell:   267-307-3527

gpg fingerprint:  62DE 6CAB CEE1 B1B3 359A  81D8 3FEF E6DA 8501 AFEA

For info on enigmail:    http://lrcressy.com/linux/mozilla.pdf
For info on gpg:         http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBSoqiLauxGqN1iGbbAQLlbwf7BbIKLenAVoOWSBeN4B8l+lSGe1Hd2RYd
vxiKO34OmD7djJ1b3fApuCf9ZncqoH1l35nU50/5Hu0mIDbNezhAk2RAwaa2azx1
8hK0WkMHsOlhPk8Y7DbAfOFehlKFeGF8PnMqBH80h2j2m7zG20oVZ3HfLQbPC3ZM
0jn/je1ZaGc1JGCd+slVU2flJBFFuqpKFk7aBzxxPmf7UUiOChEuMMsFnwpZkIN3
6qK6HWbGM1LXixULPotclZlictDRNeQwMadHGC8RaqwgLZ8x1GtYalxHNybxqY29
qxAAqIktoqsAfCP7WGenA3Vb0IUC0NiArsFNuf0cQf1qptTY4ZwX1A==
=EIEX
-----END PGP SIGNATURE-----

From jfl at robinlea.com  Sat Aug 22 07:16:35 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sat, 22 Aug 2009 21:16:35 +0700
Subject: [Enigmail] gmail?
Message-ID: <4A8FFDC3.7040608@robinlea.com>

Hi,

I don't use gmail... but others do.

I have tried to explain to them that they are giving their mail to a 
corporation that has sworn to read every word of their correspondence, 
to create a dossier on them, to keep it forever, and to turn it over to 
whatever fascist government threatens their revenue stream, and to sell 
the information they glean from it to the highest bidder... but people 
who use gmail don't care about any of that. They happily turn over all 
their correspondence to the new evil empire. Fine. It's their mail.

But it's my mail too that they're handing over to the NEE, if I 
correspond with them. And I have a lot of intellectually challenged 
friends, who are otherwise fine people.

I have been told that firefox can connect to gmail.

Can I use Enigmail to encrpyt the mail I send to gmail junkies?

-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From ludovic at mozillamessaging.com  Sat Aug 22 07:21:11 2009
From: ludovic at mozillamessaging.com (Ludovic Hirlimann)
Date: Sat, 22 Aug 2009 16:21:11 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A8FFDC3.7040608@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>
Message-ID: <4A8FFED7.1010201@mozillamessaging.com>

On 8/22/09 4:16 PM, John Francis Lee wrote:
> Hi,
>
> I don't use gmail... but others do.
>
> I have tried to explain to them that they are giving their mail to a
> corporation that has sworn to read every word of their correspondence,
> to create a dossier on them, to keep it forever, and to turn it over
> to whatever fascist government threatens their revenue stream, and to
> sell the information they glean from it to the highest bidder... but
> people who use gmail don't care about any of that. They happily turn
> over all their correspondence to the new evil empire. Fine. It's their
> mail.
>
> But it's my mail too that they're handing over to the NEE, if I
> correspond with them. And I have a lot of intellectually challenged
> friends, who are otherwise fine people.
>
> I have been told that firefox can connect to gmail.
>

It can - and thunderbird can too :-)

> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>
Yes you can - but they might have issues to decrypt it :-)

Ludo

-- 
Ludovic Hirlimann MozillaMessaging QA lead
http://www.spreadthunderbird.com/aff/79/2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/a7edfd0d/attachment.bin>

From jfl at robinlea.com  Sat Aug 22 08:00:30 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sat, 22 Aug 2009 22:00:30 +0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A8FFED7.1010201@mozillamessaging.com>
References: <4A8FFDC3.7040608@robinlea.com>
	<4A8FFED7.1010201@mozillamessaging.com>
Message-ID: <4A90080E.40601@robinlea.com>

Ludovic Hirlimann wrote:
> On 8/22/09 4:16 PM, John Francis Lee wrote:
>> Hi,
>>
>> I don't use gmail... but others do.
>>
>> I have tried to explain to them that they are giving their mail to a
>> corporation that has sworn to read every word of their correspondence,
>> to create a dossier on them, to keep it forever, and to turn it over
>> to whatever fascist government threatens their revenue stream, and to
>> sell the information they glean from it to the highest bidder... but
>> people who use gmail don't care about any of that. They happily turn
>> over all their correspondence to the new evil empire. Fine. It's their
>> mail.
>>
>> But it's my mail too that they're handing over to the NEE, if I
>> correspond with them. And I have a lot of intellectually challenged
>> friends, who are otherwise fine people.
>>
>> I have been told that firefox can connect to gmail.
>>
> 
> It can - and thunderbird can too :-)

Thuderbird is what I meant... thanks.

> 
>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>
> Yes you can - but they might have issues to decrypt it :-)

Could you elaborate?

> 
> Ludo
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail


-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From kilowattradio at comcast.net  Sat Aug 22 09:35:35 2009
From: kilowattradio at comcast.net (Keith)
Date: Sat, 22 Aug 2009 09:35:35 -0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A8FFDC3.7040608@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>
Message-ID: <4A901E57.5050803@comcast.net>

John Francis Lee wrote:
> Hi,
> 
> I don't use gmail... but others do.
> 
> I have tried to explain to them that they are giving their mail to a
> corporation that has sworn to read every word of their correspondence,
> to create a dossier on them, to keep it forever, and to turn it over to
> whatever fascist government threatens their revenue stream, and to sell
> the information they glean from it to the highest bidder... but people
> who use gmail don't care about any of that. They happily turn over all
> their correspondence to the new evil empire. Fine. It's their mail.
> 
> But it's my mail too that they're handing over to the NEE, if I
> correspond with them. And I have a lot of intellectually challenged
> friends, who are otherwise fine people.
> 
> I have been told that firefox can connect to gmail.

Thunderbird can connect to gmail just like any pop account with any ISP
and SSL.



> 
> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
> 

 Yes, as long as they have a program that will decrypt the message it is
no problem. If they are using thunderbird then send it the normal way
with Enigmail, if they are using another program or PGP/GPG directly
then send it as an attachment with a .asc or .gpg or pgp suffix for
saving to disk and decrypting.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/fe1ee395/attachment.bin>

From ludovic at mozillamessaging.com  Sat Aug 22 10:15:18 2009
From: ludovic at mozillamessaging.com (Ludovic Hirlimann)
Date: Sat, 22 Aug 2009 19:15:18 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A90080E.40601@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>
	<4A90080E.40601@robinlea.com>
Message-ID: <4A9027A6.6080500@mozillamessaging.com>

On 8/22/09 5:00 PM, John Francis Lee wrote:
>
> Could you elaborate?
>
>   
I meant to say that if they just use the web interface they might have
issues decrypting the emails.

-- 
Ludovic Hirlimann MozillaMessaging QA lead
http://www.spreadthunderbird.com/aff/79/2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/621dbd94/attachment.bin>

From jmoore3rd at bellsouth.net  Sat Aug 22 10:28:09 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sat, 22 Aug 2009 13:28:09 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A9027A6.6080500@mozillamessaging.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>
	<4A9027A6.6080500@mozillamessaging.com>
Message-ID: <4A902AA9.6030107@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Ludovic Hirlimann wrote:
> On 8/22/09 5:00 PM, John Francis Lee wrote:
>>
>> Could you elaborate?

In order to send Encrypted Email _both_ people must be using Encryption.
 Just loading Enigmail into Thunderbird won't accomplish anything until
You have also installed GnuPG [http://www.gnupg.org/download/].

The recipient must also have either PGP or GnuPG installed in order to
decrypt the message.  Enigmail is just a frontend for GnuPG.

I will say that corresponding through Gmail using encryption makes for
some very interesting Ad suggestions.  :-D

JOHN ;)
Timestamp: Saturday 22 Aug 2009, 13:27  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKkCqnAAoJEBCGy9eAtCsPWgcH/jfB3uxMTHan2NjTxGkpDwul
5eQBRb5JXbT1TC6SSgdtAqDd1GTFtSRRjag5P+1ORmstb7WgQWvxc29R1VCfRndS
3nwZbW8u89RHybusLNHlUSYFf2iM7ovAS3D/Bg3jYndV5Dw8YQUInM4Kx4nUsAB0
g0Kh5DbNzzCErTV6aZ9rUtZW9VZHxa/aFnQuRAYNBhFyGEm9GcuCNaj4rvRP+g2x
2XPvAfDT08wCSjB2MPM0chq5PNcXLgeGwqvQ6lMPyIKsyaMrlxp6VfXx99JZ7OFr
RElfl62JDCDT+ZFTIMsveh3W4oE8ZUW7JxtTGn5yTD7fht+wU8u/d1ocG0sjwGc=
=UVzJ
-----END PGP SIGNATURE-----

From crystal.a.brewton at gmail.com  Sat Aug 22 10:36:57 2009
From: crystal.a.brewton at gmail.com (Crystal Brewton)
Date: Sat, 22 Aug 2009 10:36:57 -0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A90080E.40601@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>
	<4A90080E.40601@robinlea.com>
Message-ID: <4A902CB9.3000301@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
I never have problems encrypting/decrypting from gmail *shrugs*

John Francis Lee wrote:
> Ludovic Hirlimann wrote:
>> On 8/22/09 4:16 PM, John Francis Lee wrote:
>>> Hi,
>>>
>>> I don't use gmail... but others do.
>>>
>>> I have tried to explain to them that they are giving their mail to a
>>> corporation that has sworn to read every word of their correspondence,
>>> to create a dossier on them, to keep it forever, and to turn it over
>>> to whatever fascist government threatens their revenue stream, and to
>>> sell the information they glean from it to the highest bidder... but
>>> people who use gmail don't care about any of that. They happily turn
>>> over all their correspondence to the new evil empire. Fine. It's their
>>> mail.
>>>
>>> But it's my mail too that they're handing over to the NEE, if I
>>> correspond with them. And I have a lot of intellectually challenged
>>> friends, who are otherwise fine people.
>>>
>>> I have been told that firefox can connect to gmail.
>>>
>> It can - and thunderbird can too :-)
>
> Thuderbird is what I meant... thanks.
>
>>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>>
>> Yes you can - but they might have issues to decrypt it :-)
>
> Could you elaborate?
>
>> Ludo
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Enigmail mailing list
>> Enigmail at mozdev.org
>> https://www.mozdev.org/mailman/listinfo/enigmail
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iQIcBAEBAgAGBQJKkCy5AAoJEOmI2ZRGnwUSnXwP/0DJV+Z1QHpQbUm5mBodwHwj
h5VFrNwcyehaTkmwZPj+KUWhNYlXSI7DgYaNpDb/GnBJulF9+9Vx1Bo62Dj3BMAn
w6w3hPDWdV24jmNuTtkkmu8AvRTksQANbIM/wRTIYAqw7OHPKi5IicTP6Iv5ELuY
7AcbDWQh1PO/0jLjNvvY5ksh8Un6atM8ORynHiS7hSNN4AuvNjHENBru6k91yED+
M/KCyhDyv6B45uKdeCOUBhYtxduxGzS42KYt0DZ9RXNaNYY4JlAuznlXyH+jMNpc
UFK8qABt7pAprrROMf8OZAcqpJJxoZqg0s2i4VyWDr1HDGfrkr4VnRMRUUcBpYT1
zHdJ31EkF7Z9ZyBqBNajMdJbMNegueTMPDD9P+9+60rmb95gmV+H6t0WxV5xAFsQ
8TzDmrBtdqO7EE+vs2bi7WjMgc4wRPfZbQ3Yx3djX76nra7rW9hbJ+yqsNAIYB7V
bbSqNqIOkToRGFvINI3++ZzNWuhDPmYlA5GIIzA+ieDgoDJKCT7HDJHYmUPEVhkN
DMz0z97Ef+5Fe6uysNPh/+gUxOBJHyu34WseOsPsNLpQa5NHb5T7AYQ506dlvYGn
418epcr490KowTnITxOQdsNiG8GkihzjZ5Xjb/e9YG6CgCaLvcR/9luyZCaH7c3v
A11LKqwdMOPmBSdNEuc0
=Swph
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/e8052aaf/attachment.html>

From andy.ruddock at virginmedia.com  Sat Aug 22 10:36:49 2009
From: andy.ruddock at virginmedia.com (Andy Ruddock)
Date: Sat, 22 Aug 2009 18:36:49 +0100
Subject: [Enigmail] gmail?
In-Reply-To: <4A9027A6.6080500@mozillamessaging.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>
	<4A9027A6.6080500@mozillamessaging.com>
Message-ID: <4A902CB1.7090803@rainydayz.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ludovic Hirlimann wrote:
> On 8/22/09 5:00 PM, John Francis Lee wrote:
>> Could you elaborate?
>>
>>   
> I meant to say that if they just use the web interface they might have
> issues decrypting the emails.

There's the firegpg plugin for firefox (http://getfiregpg.org) which
I've had reasonable success with.
Their major problem seems to be breakage from API/design changes from
google.

- --
Andy Ruddock
- ------------
andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqQLK0ACgkQfSkWkaYi1FKNZACfUDqVE3TLFbWtxcqERwKdxByl
n7AAoLLIC4dxMnRWY9uqw5yeXMOVMcRl
=/Qm6
-----END PGP SIGNATURE-----

From jwilson1 at austin.rr.com  Sat Aug 22 13:31:37 2009
From: jwilson1 at austin.rr.com (J2Wilson)
Date: Sat, 22 Aug 2009 15:31:37 -0500
Subject: [Enigmail] gmail?
In-Reply-To: <4A901E57.5050803@comcast.net>
References: <4A8FFDC3.7040608@robinlea.com> <4A901E57.5050803@comcast.net>
Message-ID: <4A9055A9.8090703@austin.rr.com>

How do I get off this list?

JW

Keith wrote:
> John Francis Lee wrote:
>> Hi,
>>
>> I don't use gmail... but others do.
>>
>> I have tried to explain to them that they are giving their mail to a
>> corporation that has sworn to read every word of their correspondence,
>> to create a dossier on them, to keep it forever, and to turn it over to
>> whatever fascist government threatens their revenue stream, and to sell
>> the information they glean from it to the highest bidder... but people
>> who use gmail don't care about any of that. They happily turn over all
>> their correspondence to the new evil empire. Fine. It's their mail.
>>
>> But it's my mail too that they're handing over to the NEE, if I
>> correspond with them. And I have a lot of intellectually challenged
>> friends, who are otherwise fine people.
>>
>> I have been told that firefox can connect to gmail.
> 
> Thunderbird can connect to gmail just like any pop account with any ISP
> and SSL.
> 
> 
> 
>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>
> 
>  Yes, as long as they have a program that will decrypt the message it is
> no problem. If they are using thunderbird then send it the normal way
> with Enigmail, if they are using another program or PGP/GPG directly
> then send it as an attachment with a .asc or .gpg or pgp suffix for
> saving to disk and decrypting.
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail

-- 
Jacqueline Wilson
512-338-1867 home office
512-784-6769 mobile
512-338-0052 fax

From alaric at metrocast.net  Sat Aug 22 13:52:49 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Sat, 22 Aug 2009 16:52:49 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A9055A9.8090703@austin.rr.com>
References: <4A8FFDC3.7040608@robinlea.com> <4A901E57.5050803@comcast.net>
	<4A9055A9.8090703@austin.rr.com>
Message-ID: <4A905AA1.5010505@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

J2Wilson wrote:
> How do I get off this list?

Presumably the same way you got on it, because it didn't subscribe you
without your knowledge and cooperation.

Hint:  Try the list URL that appears in the footer of every message,
including yours, which you quoted along with the entire body of the
message you replied to (see just below), or perhaps the direct
unsubscribe link in the "List-Unsubscribe" header.  In the event that
you've lost or forgotten the password that Mailman sent to you when you
signed up for the list, Mailman is very helpful and will mail it back to
you again if you ask it nicely, which you can do at that link.


>> _______________________________________________
>> Enigmail mailing list
>> Enigmail at mozdev.org
>> https://www.mozdev.org/mailman/listinfo/enigmail


- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqQWqEACgkQ0DfOju+hMklKPQCgoOgYDXmDP8O8o6H6QRumK180
Y6AAnA8tU8SVZSaH76YeJMOJo4Q2RciG
=x4NO
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Sat Aug 22 15:20:07 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sat, 22 Aug 2009 18:20:07 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A9055A9.8090703@austin.rr.com>
References: <4A8FFDC3.7040608@robinlea.com> <4A901E57.5050803@comcast.net>
	<4A9055A9.8090703@austin.rr.com>
Message-ID: <4A906F17.4060103@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

J2Wilson wrote:
> How do I get off this list?

At the bottom of every Post is the Signature Block:

> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail

Visit the Link to the List and Un-Subscribe.  That's all.

JOHN ;)
Timestamp: Saturday 22 Aug 2009, 18:19  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKkG8UAAoJEBCGy9eAtCsPZ10H/1mS5XYpwh/ep/CXFb7+uwgc
lyT4FBGpjeRH+fFao+kNTPTzYm/GEGpqiOZGDQ1kGtgWfqCydsCRRNcfD3NtoxSY
2ARkdaFHNCo3yJHzpfSnxPCEGcSlZwuQHR04xG95ZGqKUO2J2pSgtKF4aNw0NbvF
xsqHfr0+WKLBqPP1twFMabzzJtuVTUG+ZKHlvs5vxl9T7hySJDZ5aUfaC/OaEOzl
KCwQG+RAN56SQvijZWIKPkabjsvy+3TQe6NdEcfA+TapXQkglBPAMxZqDNWFVoXo
OPD9qjFxRDEm7aEwLWim/a9QCK3+NF9RZZ5wg8/nCfzFBaU2GQ4TNIwPlQlr9Eg=
=xPNN
-----END PGP SIGNATURE-----

From federalhillrent at yahoo.com  Sat Aug 22 15:57:15 2009
From: federalhillrent at yahoo.com (FederalHill)
Date: Sat, 22 Aug 2009 15:57:15 -0700 (PDT)
Subject: [Enigmail] gmail?
In-Reply-To: <4A9055A9.8090703@austin.rr.com>
Message-ID: <398701.20315.qm@web36305.mail.mud.yahoo.com>



What is the installation procedure from start to finish for thunderbird and enigma when using the terminal and Fedora 9 or Red Hat.? 


--- On Sat, 8/22/09, J2Wilson <jwilson1 at austin.rr.com> wrote:


From: J2Wilson <jwilson1 at austin.rr.com>
Subject: Re: [Enigmail] gmail?
To: "Enigmail user discussion list" <enigmail at mozdev.org>
Date: Saturday, August 22, 2009, 4:31 PM


How do I get off this list?

JW

Keith wrote:
> John Francis Lee wrote:
>> Hi,
>>
>> I don't use gmail... but others do.
>>
>> I have tried to explain to them that they are giving their mail to a
>> corporation that has sworn to read every word of their correspondence,
>> to create a dossier on them, to keep it forever, and to turn it over to
>> whatever fascist government threatens their revenue stream, and to sell
>> the information they glean from it to the highest bidder... but people
>> who use gmail don't care about any of that. They happily turn over all
>> their correspondence to the new evil empire. Fine. It's their mail.
>>
>> But it's my mail too that they're handing over to the NEE, if I
>> correspond with them. And I have a lot of intellectually challenged
>> friends, who are otherwise fine people.
>>
>> I have been told that firefox can connect to gmail.
> 
> Thunderbird can connect to gmail just like any pop account with any ISP
> and SSL.
> 
> 
> 
>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>
> 
>? Yes, as long as they have a program that will decrypt the message it is
> no problem. If they are using thunderbird then send it the normal way
> with Enigmail, if they are using another program or PGP/GPG directly
> then send it as an attachment with a .asc or .gpg or pgp suffix for
> saving to disk and decrypting.
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail

-- 
Jacqueline Wilson
512-338-1867 home office
512-784-6769 mobile
512-338-0052 fax
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/cfda003b/attachment.html>

From federalhillrent at yahoo.com  Sat Aug 22 15:58:35 2009
From: federalhillrent at yahoo.com (FederalHill)
Date: Sat, 22 Aug 2009 15:58:35 -0700 (PDT)
Subject: [Enigmail] gmail?
In-Reply-To: <4A902CB1.7090803@rainydayz.org>
Message-ID: <838407.55148.qm@web36307.mail.mud.yahoo.com>

It is much easier on windows, however Windows grew leggs and walked

Bank to bank, banker to banker, we are solid, you be too.


--- On Sat, 8/22/09, Andy Ruddock <andy.ruddock at virginmedia.com> wrote:


From: Andy Ruddock <andy.ruddock at virginmedia.com>
Subject: Re: [Enigmail] gmail?
To: "Enigmail user discussion list" <enigmail at mozdev.org>
Date: Saturday, August 22, 2009, 1:36 PM


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ludovic Hirlimann wrote:
> On 8/22/09 5:00 PM, John Francis Lee wrote:
>> Could you elaborate?
>>
>>???
> I meant to say that if they just use the web interface they might have
> issues decrypting the emails.

There's the firegpg plugin for firefox (http://getfiregpg.org) which
I've had reasonable success with.
Their major problem seems to be breakage from API/design changes from
google.

- --
Andy Ruddock
- ------------
andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqQLK0ACgkQfSkWkaYi1FKNZACfUDqVE3TLFbWtxcqERwKdxByl
n7AAoLLIC4dxMnRWY9uqw5yeXMOVMcRl
=/Qm6
-----END PGP SIGNATURE-----
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/f541fc40/attachment.html>

From federalhillrent at yahoo.com  Sat Aug 22 15:59:16 2009
From: federalhillrent at yahoo.com (FederalHill)
Date: Sat, 22 Aug 2009 15:59:16 -0700 (PDT)
Subject: [Enigmail] Fw: Re:  gmail?
Message-ID: <873949.6684.qm@web36308.mail.mud.yahoo.com>



Bank to bank, banker to banker, we are solid, you be too.


--- On Sat, 8/22/09, FederalHill <federalhillrent at yahoo.com> wrote:


From: FederalHill <federalhillrent at yahoo.com>
Subject: Re: [Enigmail] gmail?
To: jwilson1 at austin.rr.com, "Enigmail user discussion list" <enigmail at mozdev.org>
Date: Saturday, August 22, 2009, 6:57 PM








What is the installation procedure from start to finish for thunderbird and enigma when using the terminal and Fedora 9 or Red Hat.? 


--- On Sat, 8/22/09, J2Wilson <jwilson1 at austin.rr.com> wrote:


From: J2Wilson <jwilson1 at austin.rr.com>
Subject: Re: [Enigmail] gmail?
To: "Enigmail user discussion list" <enigmail at mozdev.org>
Date: Saturday, August 22, 2009, 4:31 PM


How do I get off this list?

JW

Keith wrote:
> John Francis Lee wrote:
>> Hi,
>>
>> I don't use gmail... but others do.
>>
>> I have tried to explain to them that they are giving their mail to a
>> corporation that has sworn to read every word of their correspondence,
>> to create a dossier on them, to keep it forever, and to turn it over to
>> whatever fascist government threatens their revenue stream, and to sell
>> the information they glean from it to the highest bidder... but people
>> who use gmail don't care about any of that. They happily turn over all
>> their correspondence to the new evil empire. Fine. It's their mail.
>>
>> But it's my mail too that they're handing over to the NEE, if I
>> correspond with them. And I have a lot of intellectually challenged
>> friends, who are otherwise fine people.
>>
>> I have been told that firefox can connect to gmail.
> 
> Thunderbird can connect to gmail just like any pop account with any ISP
> and SSL.
> 
> 
> 
>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>
> 
>? Yes, as long as they have a program that will decrypt the message it is
> no problem. If they are using thunderbird then send it the normal way
> with Enigmail, if they are using another program or PGP/GPG directly
> then send it as an attachment with a .asc or .gpg or pgp suffix for
> saving to disk and decrypting.
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail

-- 
Jacqueline Wilson
512-338-1867 home office
512-784-6769 mobile
512-338-0052 fax
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail


-----Inline Attachment Follows-----


_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090822/03236200/attachment-0001.html>

From jfl at robinlea.com  Sat Aug 22 17:55:22 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sun, 23 Aug 2009 07:55:22 +0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A902CB1.7090803@rainydayz.org>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>
	<4A902CB1.7090803@rainydayz.org>
Message-ID: <4A90937A.7030205@robinlea.com>

Andy Ruddock wrote:
> Ludovic Hirlimann wrote:
>> On 8/22/09 5:00 PM, John Francis Lee wrote:
>>> Could you elaborate?
>>>
>>>   
>> I meant to say that if they just use the web interface they might have
>> issues decrypting the emails.
> 
> There's the firegpg plugin for firefox (http://getfiregpg.org) which
> I've had reasonable success with.
> Their major problem seems to be breakage from API/design changes from
> google.
> 

That's very interesting. Thank you. This would be something the gmailer
with whom I am corresponding might install, right? Has it other uses?

_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From 2600denver at gmail.com  Sat Aug 22 18:14:17 2009
From: 2600denver at gmail.com (Ringo)
Date: Sat, 22 Aug 2009 21:14:17 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A90937A.7030205@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902CB1.7090803@rainydayz.org>
	<4A90937A.7030205@robinlea.com>
Message-ID: <4A9097E9.6080909@gmail.com>

Also realize that unless you disable javascript/flash/etc., gmail or any
other site with javascript that's open at the time can steal your
passphrase and potentially your private key.

Ringo

John Francis Lee wrote:
> Andy Ruddock wrote:
>> Ludovic Hirlimann wrote:
>>> On 8/22/09 5:00 PM, John Francis Lee wrote:
>>>> Could you elaborate?
>>>>
>>>>   
>>> I meant to say that if they just use the web interface they might have
>>> issues decrypting the emails.
>> There's the firegpg plugin for firefox (http://getfiregpg.org) which
>> I've had reasonable success with.
>> Their major problem seems to be breakage from API/design changes from
>> google.
>>
> 
> That's very interesting. Thank you. This would be something the gmailer
> with whom I am corresponding might install, right? Has it other uses?
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail
> 

From jfl at robinlea.com  Sat Aug 22 21:41:38 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sun, 23 Aug 2009 11:41:38 +0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A902AA9.6030107@bellsouth.net>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>
	<4A902AA9.6030107@bellsouth.net>
Message-ID: <4A90C882.6050409@robinlea.com>

John W. Moore III wrote:
> Ludovic Hirlimann wrote:
>> On 8/22/09 5:00 PM, John Francis Lee wrote:
>>> Could you elaborate?
> 
> In order to send Encrypted Email _both_ people must be using Encryption.
>  Just loading Enigmail into Thunderbird won't accomplish anything until
> You have also installed GnuPG [http://www.gnupg.org/download/].

I just typed

  sudo apt-get install enigmail

in a term window on my ubuntu 9.04 machine and gpg seems to have come
with. Enigmail seems to be installed and operative. There was a series
of questions and at startup after the installation.

> 
> The recipient must also have either PGP or GnuPG installed in order to
> decrypt the message.  Enigmail is just a frontend for GnuPG.

Yes. I'll have to look into that so that I may recommend something to my
gmail correspondents. They probably run windows. Do yo have any
recommendattion?

> 
> I will say that corresponding through Gmail using encryption makes for
> some very interesting Ad suggestions.  :-D

Have you done so? And gotten strange ads?

> 
> JOHN ;)
> Timestamp: Saturday 22 Aug 2009, 13:27  --400 (Eastern Daylight Time)
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From jfl at robinlea.com  Sat Aug 22 21:59:32 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sun, 23 Aug 2009 11:59:32 +0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A9027A6.6080500@mozillamessaging.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>
	<4A9027A6.6080500@mozillamessaging.com>
Message-ID: <4A90CCB4.4040702@robinlea.com>

Ludovic Hirlimann wrote:
> On 8/22/09 5:00 PM, John Francis Lee wrote:
>> Could you elaborate?
>>
>>   
> I meant to say that if they just use the web interface they might have
> issues decrypting the emails.
> 

Yes... Andy Ruddock suggested a plugin for firefox name firegpg. I'm not
able to try it myself, although I've installed it, because I don't have
a gmail account. I thought I'd open one for testing but they had the
nerve to demand my cellphone number! Unbelievable!!

> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail


-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From jfl at robinlea.com  Sat Aug 22 22:02:04 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sun, 23 Aug 2009 12:02:04 +0700
Subject: [Enigmail] gmail?
In-Reply-To: <4A901E57.5050803@comcast.net>
References: <4A8FFDC3.7040608@robinlea.com> <4A901E57.5050803@comcast.net>
Message-ID: <4A90CD4C.9070108@robinlea.com>

Keith wrote:
> John Francis Lee wrote:
>> Hi,
>>
>> I don't use gmail... but others do.
>>
>> I have tried to explain to them that they are giving their mail to a
>> corporation that has sworn to read every word of their correspondence,
>> to create a dossier on them, to keep it forever, and to turn it over to
>> whatever fascist government threatens their revenue stream, and to sell
>> the information they glean from it to the highest bidder... but people
>> who use gmail don't care about any of that. They happily turn over all
>> their correspondence to the new evil empire. Fine. It's their mail.
>>
>> But it's my mail too that they're handing over to the NEE, if I
>> correspond with them. And I have a lot of intellectually challenged
>> friends, who are otherwise fine people.
>>
>> I have been told that firefox can connect to gmail.
> 
> Thunderbird can connect to gmail just like any pop account with any ISP
> and SSL.
> 
> 
> 
>> Can I use Enigmail to encrpyt the mail I send to gmail junkies?
>>
> 
>  Yes, as long as they have a program that will decrypt the message it is
> no problem. If they are using thunderbird then send it the normal way
> with Enigmail, if they are using another program or PGP/GPG directly
> then send it as an attachment with a .asc or .gpg or pgp suffix for
> saving to disk and decrypting.

In the case of not using thunderbird or firegpg, or firegpg's not
working, do you have a recommendation for a windows user?

Thanks to all of you for all your help.

> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail


-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From jmoore3rd at bellsouth.net  Sat Aug 22 22:06:49 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sun, 23 Aug 2009 01:06:49 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A90C882.6050409@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902AA9.6030107@bellsouth.net>
	<4A90C882.6050409@robinlea.com>
Message-ID: <4A90CE69.1040205@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Francis Lee wrote:

>> You have also installed GnuPG [http://www.gnupg.org/download/].

> in a term window on my ubuntu 9.04 machine and gpg seems to have come
> with. Enigmail seems to be installed and operative. There was a series
> of questions and at startup after the installation.

GnuPG probably comes packaged with Ubuntu.  Don't know which version but
the most current is version 1.4.9.  After Opening OpenPGP Preferences be
sure and place a check in the box "display expert settings" then Close &
Re-Open Preferences for all the 'tweaking' options.

>> The recipient must also have either PGP or GnuPG installed in order to
>> decrypt the message.  Enigmail is just a frontend for GnuPG.
> 
> Yes. I'll have to look into that so that I may recommend something to my
> gmail correspondents. They probably run windows. Do yo have any
> recommendattion?

The Link above will take them to the Download Page.  I recommend against
choosing gpg4win for Novice Users and prefer that they scroll about
midway down the page to GnuPG 1.4.9-w/Windows Installer.  Then click on
the bold 'FTP' on the right side of the screen.

>> I will say that corresponding through Gmail using encryption makes for
>> some very interesting Ad suggestions.  :-D
> 
> Have you done so? And gotten strange ads?

Before I turned OFF the ad display I would see suggested Links next to
encrypted email directing Me to Colleges, Language Schools, PGP
Corporation & Florists.  About all Google has to rely on is whatever
they discern from the scanned Email + whatever is in Your History
[derived from all other Emails].  Since I never send much through Gmail
that isn't encrypted I have a very small & misleading 'history'.  :)

JOHN ;)
Timestamp: Sunday 23 Aug 2009, 01:06  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKkM5mAAoJEBCGy9eAtCsPRUUH/iiCoyNWxNydjLRMb8mN+A+o
vOuMAZ1fstvuQcWxhhSVzUwp+oBgNcy6axVz14Lhtbla8fbz+JL86lttQ21yrexG
7N/VnHXhPDeakz5kWDZNA+W6XtjAbj/fDV8qyI+uvHlreDAGe10r09wDJJVmGjMk
6UMBgUEznpXX6hSNuhBVlwa0S8aAnZhKSmk3rRTJsqDMFuHA+Y0J4yFP9/CmDmG/
6d/zZE9G01cU7zvfeFDHOnmOgjQIRMAyXEGAVu0OKGvpaqZQsBJmfcJJD0esRy5J
vactiFv0M+Tib8TwR3+Pp/O9Ghl1UMdDmGnXFTF2XZ4sGL6DhpadBlLsAy5nzrA=
=kgo1
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Sat Aug 22 22:09:16 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sun, 23 Aug 2009 01:09:16 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A90CD4C.9070108@robinlea.com>
References: <4A8FFDC3.7040608@robinlea.com> <4A901E57.5050803@comcast.net>
	<4A90CD4C.9070108@robinlea.com>
Message-ID: <4A90CEFC.7090904@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Francis Lee wrote:

> In the case of not using thunderbird or firegpg, or firegpg's not
> working, do you have a recommendation for a windows user?

I like the Frontend GPGshell [http://www.jumaros.de/rsoft/index.html]
but there are many frontends and folks have different preferences.

JOHN ;)
Timestamp: Sunday 23 Aug 2009, 01:09  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKkM76AAoJEBCGy9eAtCsPRYQIAI+UCzenvATbW1Y9IQq6oIYI
wd0Bg9gLICx1yF5e8+qhoHsoxmOpUrXzq1hHJbxu0YXnB60pBCp8UwK09gIPSd63
jQ2HfUdJMLpDebxN9S/izhVZf7Vl20gOSzwcMwuB7jT+/JrDDwQh9DfolcsofghD
LAPaXs/vBB1diWud7P3ixekVBl7WQTSDZnA18emu5C4AUGr3pVN2BzQEcMP4f6cz
kQ1rA4ZFb9wBVzT1uxaDuGtMKSWZMA4bDNbP0IxaXm/ZK93DLJSokxNVTG0l+l6f
azMN07Rim+KK+Wk7gQVtVGP8pKDpJH8ePzAgRO+hYnt+zr1ATevGX+A1vRtOnWQ=
=w4rD
-----END PGP SIGNATURE-----

From post at lespocky.de  Sun Aug 23 00:42:09 2009
From: post at lespocky.de (Alexander Dahl)
Date: Sun, 23 Aug 2009 09:42:09 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A90CE69.1040205@bellsouth.net>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902AA9.6030107@bellsouth.net>	<4A90C882.6050409@robinlea.com>
	<4A90CE69.1040205@bellsouth.net>
Message-ID: <0MKt72-1Mf7iW1GE1-000D9b@mrelayeu.kundenserver.de>

Hi,

> GnuPG probably comes packaged with Ubuntu.  Don't know which version but
> the most current is version 1.4.9.

At least on Debian GnuPG comes with the basic installation since the
package manager apt uses it. However as far as the package dependencies
on Ubuntu are concerned, apt just recommends gnupg so it may be
possible, it is not installed by default.

Which version of GnuPG 1.4.9 is in Ubuntu depends on the release. The
hardy 8.04LTS still has gnupg 1.4.6 packed (probably with security
fixes) but since intrepid 8.10 it's the 1.4.9. You can have a look by
yourself:

http://packages.ubuntu.com/search?keywords=gnupg

Greets
Alex

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090823/72508166/attachment.bin>

From allen.schultz at gmail.com  Sun Aug 23 10:42:22 2009
From: allen.schultz at gmail.com (Allen Schultz)
Date: Sun, 23 Aug 2009 11:42:22 -0600
Subject: [Enigmail] gmail?
In-Reply-To: <4A90CEFC.7090904@bellsouth.net>
References: <4A8FFDC3.7040608@robinlea.com>
	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>
	<4A90CEFC.7090904@bellsouth.net>
Message-ID: <4A917F7E.3020209@gmail.com>

John W. Moore III wrote:
> I like the Frontend GPGshell [http://www.jumaros.de/rsoft/index.html]
> but there are many frontends and folks have different preferences.

I like this program as well. Is there an equal equivalent to this
program on the GNU/Linux platform? Especially the feature when you edit
a key, it reverts back to the CLI editing of the key?

-- 
Allen Schultz
PS: Please see attached VCF attachment for contact and GPG key info.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: allen_schultz.vcf
Type: text/x-vcard
Size: 651 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090823/71f4d8ec/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090823/71f4d8ec/attachment.bin>

From dkg at fifthhorseman.net  Mon Aug 24 23:10:50 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 25 Aug 2009 02:10:50 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A9097E9.6080909@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902CB1.7090803@rainydayz.org>	<4A90937A.7030205@robinlea.com>
	<4A9097E9.6080909@gmail.com>
Message-ID: <4A93806A.5030807@fifthhorseman.net>

On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
> Also realize that unless you disable javascript/flash/etc., gmail or any
> other site with javascript that's open at the time can steal your
> passphrase and potentially your private key.

I have no idea about what goes on in proprietary software like flash,
but would you care to substantiate the claim that FireGPG exposes your
passphrase and potentially private key to any web site allowed to use
javascript?  I've cc'ed the upstream author of FireGPG here so he is
aware of this serious charge.  I'm sure he'd want to know about it.

That sounds like it would be a pretty nasty vulnerability, and i'd like
to see it fixed if possible.

I agree that there are many problems with tightly-integrated crypto in a
web browser, but they should not in principle be significantly worse
than the problems involved with tightly-inegrated crypto in a mail user
agent, particularly MUAs of the modern kind with all their fanciness.
i think enigmail has shown that good work can be done in this space  in
spite of the inherent difficulties.

If you think FireGPG doesn't live up to that, let's set about
identifying the problems clearly so they can be fixed.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/08cd01b7/attachment.bin>

From maximilien at theglu.org  Mon Aug 24 23:12:45 2009
From: maximilien at theglu.org (Maximilien Cuony [The_Glu])
Date: Tue, 25 Aug 2009 08:12:45 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A93806A.5030807@fifthhorseman.net>
References: <4A8FFDC3.7040608@robinlea.com> <4A9097E9.6080909@gmail.com>
	<4A93806A.5030807@fifthhorseman.net>
Message-ID: <200908250812.52320.maximilien@theglu.org>

Hi,

Yep, I'm interested to know how can you do that ;)

Regards,

On Tuesday 25 August 2009, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote :
> On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
> > Also realize that unless you disable javascript/flash/etc., gmail or any
> > other site with javascript that's open at the time can steal your
> > passphrase and potentially your private key.
>
> I have no idea about what goes on in proprietary software like flash,
> but would you care to substantiate the claim that FireGPG exposes your
> passphrase and potentially private key to any web site allowed to use
> javascript?  I've cc'ed the upstream author of FireGPG here so he is
> aware of this serious charge.  I'm sure he'd want to know about it.
>
> That sounds like it would be a pretty nasty vulnerability, and i'd like
> to see it fixed if possible.
>
> I agree that there are many problems with tightly-integrated crypto in a
> web browser, but they should not in principle be significantly worse
> than the problems involved with tightly-inegrated crypto in a mail user
> agent, particularly MUAs of the modern kind with all their fanciness.
> i think enigmail has shown that good work can be done in this space  in
> spite of the inherent difficulties.
>
> If you think FireGPG doesn't live up to that, let's set about
> identifying the problems clearly so they can be fixed.
>
> 	--dkg
-- 
Maximilien Cuony [The_Glu]
http://theglu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/cb077e22/attachment.bin>

From 2600denver at gmail.com  Mon Aug 24 23:23:01 2009
From: 2600denver at gmail.com (Ringo)
Date: Tue, 25 Aug 2009 02:23:01 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A93806A.5030807@fifthhorseman.net>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902CB1.7090803@rainydayz.org>	<4A90937A.7030205@robinlea.com>
	<4A9097E9.6080909@gmail.com> <4A93806A.5030807@fifthhorseman.net>
Message-ID: <4A938345.8020106@gmail.com>

This isn't a vulnerability in FireGPG, it's an issue with integrating
crypto in browsers. If you allow javascript, flash, activex, and other
such active content to run in your browser, they can listen to your
keystrokes. From what I remember, which could be wrong, there are a
number of proofs of concepts for javascript applets that can listen to
keystrokes in the background. In theory, this could be used to grab a
passphrase. Stuff like Flash and ActiveX have even more power and I
assume they can grab things out of memory or do some type of
interception. I could be wrong on this, but there's a reason that
"TorButton" (for using Tor in Firefox) doesn't allow anything like
flash, active x, and most javascript.

As these attacks get more sophisticated, we're seeing "drive-by" virus
infections. Luckily, most of these rely on browser and/or system
vulnerabilities but as we continue to allow all these new types of
active scripting (allowing remote, un-authenticated code to run on your
machine), we're going to continue to see these problems. This doesn't
mean we should ditch the concept all together, but that we need to build
in a lot of safeguards and privacy standards.

That shit is just plain dangerous and IMHO if people are allowing that
kind of stuff to run, they're just fooling themselves. It's still better
than not encrypting anything, but it's also a false sense of security.

Ringo

Daniel Kahn Gillmor wrote:
> On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
>> Also realize that unless you disable javascript/flash/etc., gmail or any
>> other site with javascript that's open at the time can steal your
>> passphrase and potentially your private key.
> 
> I have no idea about what goes on in proprietary software like flash,
> but would you care to substantiate the claim that FireGPG exposes your
> passphrase and potentially private key to any web site allowed to use
> javascript?  I've cc'ed the upstream author of FireGPG here so he is
> aware of this serious charge.  I'm sure he'd want to know about it.
> 
> That sounds like it would be a pretty nasty vulnerability, and i'd like
> to see it fixed if possible.
> 
> I agree that there are many problems with tightly-integrated crypto in a
> web browser, but they should not in principle be significantly worse
> than the problems involved with tightly-inegrated crypto in a mail user
> agent, particularly MUAs of the modern kind with all their fanciness.
> i think enigmail has shown that good work can be done in this space  in
> spite of the inherent difficulties.
> 
> If you think FireGPG doesn't live up to that, let's set about
> identifying the problems clearly so they can be fixed.
> 
> 	--dkg
> 

From maximilien at theglu.org  Mon Aug 24 23:36:15 2009
From: maximilien at theglu.org (Maximilien Cuony [The_Glu])
Date: Tue, 25 Aug 2009 08:36:15 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A938345.8020106@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>
	<4A93806A.5030807@fifthhorseman.net> <4A938345.8020106@gmail.com>
Message-ID: <200908250836.15183.maximilien@theglu.org>

Do you know there is a separation between pages's javascript and chrome 
(=browser + extention) javascript ?

If you can listen to keystrokes, you can listent to keystrokes of the whole 
system. And even gnupg.exe is concerned. And I don't think you can.

Flash and ActiveX can play with memory of the system ? Great. Because if they 
can, FireGPG or not won't change anything.

No, TorButton dosen't allow flash and cie for this reason. It's simply because 
they can't be 'torified' and bypass privacy.

FireGPG is (as I know) secure. You can't steat a private key or a password or 
whatever. If you can, it's with security issues that let's attackers play with 
gnupg alone, FireGPG isn't needed to succeed in this cases.

So please stop saying shit. Thanks.

On Tuesday 25 August 2009, Ringo <2600denver at gmail.com> wrote :
> This isn't a vulnerability in FireGPG, it's an issue with integrating
> crypto in browsers. If you allow javascript, flash, activex, and other
> such active content to run in your browser, they can listen to your
> keystrokes. From what I remember, which could be wrong, there are a
> number of proofs of concepts for javascript applets that can listen to
> keystrokes in the background. In theory, this could be used to grab a
> passphrase. Stuff like Flash and ActiveX have even more power and I
> assume they can grab things out of memory or do some type of
> interception. I could be wrong on this, but there's a reason that
> "TorButton" (for using Tor in Firefox) doesn't allow anything like
> flash, active x, and most javascript.
>
> As these attacks get more sophisticated, we're seeing "drive-by" virus
> infections. Luckily, most of these rely on browser and/or system
> vulnerabilities but as we continue to allow all these new types of
> active scripting (allowing remote, un-authenticated code to run on your
> machine), we're going to continue to see these problems. This doesn't
> mean we should ditch the concept all together, but that we need to build
> in a lot of safeguards and privacy standards.
>
> That shit is just plain dangerous and IMHO if people are allowing that
> kind of stuff to run, they're just fooling themselves. It's still better
> than not encrypting anything, but it's also a false sense of security.
>
> Ringo
>
> Daniel Kahn Gillmor wrote:
> > On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
> >> Also realize that unless you disable javascript/flash/etc., gmail or any
> >> other site with javascript that's open at the time can steal your
> >> passphrase and potentially your private key.
> >
> > I have no idea about what goes on in proprietary software like flash,
> > but would you care to substantiate the claim that FireGPG exposes your
> > passphrase and potentially private key to any web site allowed to use
> > javascript?  I've cc'ed the upstream author of FireGPG here so he is
> > aware of this serious charge.  I'm sure he'd want to know about it.
> >
> > That sounds like it would be a pretty nasty vulnerability, and i'd like
> > to see it fixed if possible.
> >
> > I agree that there are many problems with tightly-integrated crypto in a
> > web browser, but they should not in principle be significantly worse
> > than the problems involved with tightly-inegrated crypto in a mail user
> > agent, particularly MUAs of the modern kind with all their fanciness.
> > i think enigmail has shown that good work can be done in this space  in
> > spite of the inherent difficulties.
> >
> > If you think FireGPG doesn't live up to that, let's set about
> > identifying the problems clearly so they can be fixed.
> >
> > 	--dkg
-- 
Maximilien Cuony [The_Glu]
http://theglu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/a3370b25/attachment.bin>

From 2600denver at gmail.com  Tue Aug 25 00:00:29 2009
From: 2600denver at gmail.com (Ringo)
Date: Tue, 25 Aug 2009 03:00:29 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <200908250836.15183.maximilien@theglu.org>
References: <4A8FFDC3.7040608@robinlea.com>
	<4A93806A.5030807@fifthhorseman.net> <4A938345.8020106@gmail.com>
	<200908250836.15183.maximilien@theglu.org>
Message-ID: <4A938C0D.9000403@gmail.com>

Do you know there is a separation between pages's javascript and chrome
(=browser + extention) javascript ?

I don't know much about this actually, I'd be interested to hear what
people have to say on it.

"If you can listen to keystrokes, you can listent to keystrokes of the
whole system. And even gnupg.exe is concerned. And I don't think you can."

This could be, but most likely isn't. My understanding is that it only
applies to keystrokes issued while the browser is open, or maybe even
when that specific tab is open.

"Flash and ActiveX can play with memory of the system ? Great. Because
if they can, FireGPG or not won't change anything."

I'm not sure about Flash, but I'm pretty sure active x can do whatever
it wants. I know it can access the file system as there are active X
virus scanners. Windows update uses it as well, but that could be a
"only windows update" type thing. I'm not sure how firefox handles
active X, but imagine if a user has an IE window open with active x
running as well?

What I'm getting at here is that allowing any active scripting is
dangerous, especially if you're trying to protect data via encryption.
The idea of integrating this encryption with the browser, while
convenient, takes a dangerous step. This is one of the many reasons IE
has been such a security mess. IE is tightly integrated with the OS
(although not as much as it used to be, maybe not even anymore).

I'm not posting this all to rip on firegpg or any implementation like
that, I'm just saying that if you want serious security it really should
be separated and you shouldn't allow active scripting unless you can
auth the source. I give computer security/security culture workshops on
a regular basis and I recommend that people install FireGPG. Overall,
encryption is a detterent and there's always going to be an easier way
to decrypt your data than brute forcing the key.

Ringo







Maximilien Cuony [The_Glu] wrote:
> Do you know there is a separation between pages's javascript and chrome 
> (=browser + extention) javascript ?
> 
> If you can listen to keystrokes, you can listent to keystrokes of the whole 
> system. And even gnupg.exe is concerned. And I don't think you can.
> 
> Flash and ActiveX can play with memory of the system ? Great. Because if they 
> can, FireGPG or not won't change anything.
> 
> No, TorButton dosen't allow flash and cie for this reason. It's simply because 
> they can't be 'torified' and bypass privacy.
> 
> FireGPG is (as I know) secure. You can't steat a private key or a password or 
> whatever. If you can, it's with security issues that let's attackers play with 
> gnupg alone, FireGPG isn't needed to succeed in this cases.
> 
> So please stop saying shit. Thanks.
> 
> On Tuesday 25 August 2009, Ringo <2600denver at gmail.com> wrote :
>> This isn't a vulnerability in FireGPG, it's an issue with integrating
>> crypto in browsers. If you allow javascript, flash, activex, and other
>> such active content to run in your browser, they can listen to your
>> keystrokes. From what I remember, which could be wrong, there are a
>> number of proofs of concepts for javascript applets that can listen to
>> keystrokes in the background. In theory, this could be used to grab a
>> passphrase. Stuff like Flash and ActiveX have even more power and I
>> assume they can grab things out of memory or do some type of
>> interception. I could be wrong on this, but there's a reason that
>> "TorButton" (for using Tor in Firefox) doesn't allow anything like
>> flash, active x, and most javascript.
>>
>> As these attacks get more sophisticated, we're seeing "drive-by" virus
>> infections. Luckily, most of these rely on browser and/or system
>> vulnerabilities but as we continue to allow all these new types of
>> active scripting (allowing remote, un-authenticated code to run on your
>> machine), we're going to continue to see these problems. This doesn't
>> mean we should ditch the concept all together, but that we need to build
>> in a lot of safeguards and privacy standards.
>>
>> That shit is just plain dangerous and IMHO if people are allowing that
>> kind of stuff to run, they're just fooling themselves. It's still better
>> than not encrypting anything, but it's also a false sense of security.
>>
>> Ringo
>>
>> Daniel Kahn Gillmor wrote:
>>> On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
>>>> Also realize that unless you disable javascript/flash/etc., gmail or any
>>>> other site with javascript that's open at the time can steal your
>>>> passphrase and potentially your private key.
>>> I have no idea about what goes on in proprietary software like flash,
>>> but would you care to substantiate the claim that FireGPG exposes your
>>> passphrase and potentially private key to any web site allowed to use
>>> javascript?  I've cc'ed the upstream author of FireGPG here so he is
>>> aware of this serious charge.  I'm sure he'd want to know about it.
>>>
>>> That sounds like it would be a pretty nasty vulnerability, and i'd like
>>> to see it fixed if possible.
>>>
>>> I agree that there are many problems with tightly-integrated crypto in a
>>> web browser, but they should not in principle be significantly worse
>>> than the problems involved with tightly-inegrated crypto in a mail user
>>> agent, particularly MUAs of the modern kind with all their fanciness.
>>> i think enigmail has shown that good work can be done in this space  in
>>> spite of the inherent difficulties.
>>>
>>> If you think FireGPG doesn't live up to that, let's set about
>>> identifying the problems clearly so they can be fixed.
>>>
>>> 	--dkg

From maximilien at theglu.org  Tue Aug 25 00:12:14 2009
From: maximilien at theglu.org (Maximilien Cuony [The_Glu])
Date: Tue, 25 Aug 2009 09:12:14 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A938C0D.9000403@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>
	<200908250836.15183.maximilien@theglu.org>
	<4A938C0D.9000403@gmail.com>
Message-ID: <200908250912.19738.maximilien@theglu.org>

> I don't know much about this actually, I'd be interested to hear what
> people have to say on it.

There is a notion of trusted javascript or not with diffrents rights in 
FireGPG. E.g. FireGPG is an extention and can play with everything. Firefox 
himself or another extentions too. Javascript form a webpage is sandboxed. In 
his page. A page can't play with extention's function or browser function 
(hopefully...)

> What I'm getting at here is that allowing any active scripting is
> dangerous, especially if you're trying to protect data via encryption.

Yep, that why noscript exist ;)

>  but I'm pretty sure active x can do whatever
> it wants.

Yep, but people who use IE should be killed anyways...

> This could be, but most likely isn't. My understanding is that it only
> applies to keystrokes issued while the browser is open, or maybe even
> when that specific tab is open.

Greate, because FireGPG is NOT in the tab (separated from pages), so you can't 
intercept the keys from a webpage.

Regards,

On Tuesday 25 August 2009, Ringo <2600denver at gmail.com> wrote :
> Do you know there is a separation between pages's javascript and chrome
> (=browser + extention) javascript ?
>
> I don't know much about this actually, I'd be interested to hear what
> people have to say on it.
>
> "If you can listen to keystrokes, you can listent to keystrokes of the
> whole system. And even gnupg.exe is concerned. And I don't think you can."
>
> This could be, but most likely isn't. My understanding is that it only
> applies to keystrokes issued while the browser is open, or maybe even
> when that specific tab is open.
>
> "Flash and ActiveX can play with memory of the system ? Great. Because
> if they can, FireGPG or not won't change anything."
>
> I'm not sure about Flash, but I'm pretty sure active x can do whatever
> it wants. I know it can access the file system as there are active X
> virus scanners. Windows update uses it as well, but that could be a
> "only windows update" type thing. I'm not sure how firefox handles
> active X, but imagine if a user has an IE window open with active x
> running as well?
>
> What I'm getting at here is that allowing any active scripting is
> dangerous, especially if you're trying to protect data via encryption.
> The idea of integrating this encryption with the browser, while
> convenient, takes a dangerous step. This is one of the many reasons IE
> has been such a security mess. IE is tightly integrated with the OS
> (although not as much as it used to be, maybe not even anymore).
>
> I'm not posting this all to rip on firegpg or any implementation like
> that, I'm just saying that if you want serious security it really should
> be separated and you shouldn't allow active scripting unless you can
> auth the source. I give computer security/security culture workshops on
> a regular basis and I recommend that people install FireGPG. Overall,
> encryption is a detterent and there's always going to be an easier way
> to decrypt your data than brute forcing the key.
>
> Ringo
>
> Maximilien Cuony [The_Glu] wrote:
> > Do you know there is a separation between pages's javascript and chrome
> > (=browser + extention) javascript ?
> >
> > If you can listen to keystrokes, you can listent to keystrokes of the
> > whole system. And even gnupg.exe is concerned. And I don't think you can.
> >
> > Flash and ActiveX can play with memory of the system ? Great. Because if
> > they can, FireGPG or not won't change anything.
> >
> > No, TorButton dosen't allow flash and cie for this reason. It's simply
> > because they can't be 'torified' and bypass privacy.
> >
> > FireGPG is (as I know) secure. You can't steat a private key or a
> > password or whatever. If you can, it's with security issues that let's
> > attackers play with gnupg alone, FireGPG isn't needed to succeed in this
> > cases.
> >
> > So please stop saying shit. Thanks.
> >
> > On Tuesday 25 August 2009, Ringo <2600denver at gmail.com> wrote :
> >> This isn't a vulnerability in FireGPG, it's an issue with integrating
> >> crypto in browsers. If you allow javascript, flash, activex, and other
> >> such active content to run in your browser, they can listen to your
> >> keystrokes. From what I remember, which could be wrong, there are a
> >> number of proofs of concepts for javascript applets that can listen to
> >> keystrokes in the background. In theory, this could be used to grab a
> >> passphrase. Stuff like Flash and ActiveX have even more power and I
> >> assume they can grab things out of memory or do some type of
> >> interception. I could be wrong on this, but there's a reason that
> >> "TorButton" (for using Tor in Firefox) doesn't allow anything like
> >> flash, active x, and most javascript.
> >>
> >> As these attacks get more sophisticated, we're seeing "drive-by" virus
> >> infections. Luckily, most of these rely on browser and/or system
> >> vulnerabilities but as we continue to allow all these new types of
> >> active scripting (allowing remote, un-authenticated code to run on your
> >> machine), we're going to continue to see these problems. This doesn't
> >> mean we should ditch the concept all together, but that we need to build
> >> in a lot of safeguards and privacy standards.
> >>
> >> That shit is just plain dangerous and IMHO if people are allowing that
> >> kind of stuff to run, they're just fooling themselves. It's still better
> >> than not encrypting anything, but it's also a false sense of security.
> >>
> >> Ringo
> >>
> >> Daniel Kahn Gillmor wrote:
> >>> On 08/22/2009 09:14 PM, in a conversation about FireGPG, Ringo wrote:
> >>>> Also realize that unless you disable javascript/flash/etc., gmail or
> >>>> any other site with javascript that's open at the time can steal your
> >>>> passphrase and potentially your private key.
> >>>
> >>> I have no idea about what goes on in proprietary software like flash,
> >>> but would you care to substantiate the claim that FireGPG exposes your
> >>> passphrase and potentially private key to any web site allowed to use
> >>> javascript?  I've cc'ed the upstream author of FireGPG here so he is
> >>> aware of this serious charge.  I'm sure he'd want to know about it.
> >>>
> >>> That sounds like it would be a pretty nasty vulnerability, and i'd like
> >>> to see it fixed if possible.
> >>>
> >>> I agree that there are many problems with tightly-integrated crypto in
> >>> a web browser, but they should not in principle be significantly worse
> >>> than the problems involved with tightly-inegrated crypto in a mail user
> >>> agent, particularly MUAs of the modern kind with all their fanciness. i
> >>> think enigmail has shown that good work can be done in this space  in
> >>> spite of the inherent difficulties.
> >>>
> >>> If you think FireGPG doesn't live up to that, let's set about
> >>> identifying the problems clearly so they can be fixed.
> >>>
> >>> 	--dkg
-- 
Maximilien Cuony [The_Glu]
http://theglu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/55bde5c4/attachment.bin>

From alaric at metrocast.net  Tue Aug 25 05:27:32 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Tue, 25 Aug 2009 08:27:32 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A938345.8020106@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902CB1.7090803@rainydayz.org>	<4A90937A.7030205@robinlea.com>	<4A9097E9.6080909@gmail.com>
	<4A93806A.5030807@fifthhorseman.net> <4A938345.8020106@gmail.com>
Message-ID: <4A93D8B4.1000407@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ringo wrote:
> This isn't a vulnerability in FireGPG, it's an issue with integrating
> crypto in browsers. If you allow javascript, flash, activex, and other
> such active content to run in your browser, they can listen to your
> keystrokes. From what I remember, which could be wrong, there are a
> number of proofs of concepts for javascript applets that can listen to
> keystrokes in the background. In theory, this could be used to grab a
> passphrase. Stuff like Flash and ActiveX have even more power and I
> assume they can grab things out of memory or do some type of
> interception.

ActiveX is and always has been a horrible security hole.  But look at
the source.  What did you really expect?

- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqT2LQACgkQ0DfOju+hMkkxbACgsCuCAnccmd6rIG6N2fUGMBLT
U80AoOpdYTCMOFozV1OXhGjOg80thkI1
=++dF
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Tue Aug 25 08:23:17 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 25 Aug 2009 11:23:17 -0400
Subject: [Enigmail] gmail?
In-Reply-To: <4A938345.8020106@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>	<4A902CB1.7090803@rainydayz.org>	<4A90937A.7030205@robinlea.com>	<4A9097E9.6080909@gmail.com>
	<4A93806A.5030807@fifthhorseman.net> <4A938345.8020106@gmail.com>
Message-ID: <4A9401E5.2030707@fifthhorseman.net>

On 08/25/2009 02:23 AM, Ringo wrote:
> This isn't a vulnerability in FireGPG, it's an issue with integrating
> crypto in browsers. If you allow javascript, flash, activex, and other
> such active content to run in your browser, they can listen to your
> keystrokes. From what I remember, which could be wrong, there are a
> number of proofs of concepts for javascript applets that can listen to
> keystrokes in the background.

If you can dig up a link to one of those proofs of concept which is
capable of recording keystrokes while the page content itself does not
have the keyboard focus, we should point it out to the browser
upstreams, as this sounds like a serious security flaw in its own right.
 Let's get it fixed.  Any pointers?

> As these attacks get more sophisticated, we're seeing "drive-by" virus
> infections. Luckily, most of these rely on browser and/or system
> vulnerabilities but as we continue to allow all these new types of
> active scripting (allowing remote, un-authenticated code to run on your
> machine), we're going to continue to see these problems. This doesn't
> mean we should ditch the concept all together, but that we need to build
> in a lot of safeguards and privacy standards.

Thunderbird has a javascript engine too, as i'm sure you know.  Do you
consider enigmail to carry the same risks you ascribe to FireGPG?  If
so, what can we do to minimize or help people mitigate those risks?  As
i said earlier, the problems of integrated crypto in modern browsers are
very similar to the problems of integrated crypto in modern MUAs.

> That shit is just plain dangerous and IMHO if people are allowing that
> kind of stuff to run, they're just fooling themselves. It's still better
> than not encrypting anything, but it's also a false sense of security.

I agree with much of what you say.  However, if we make "security"
diametrically opposed to convenience, we just implicitly encourage users
to take crappy, insecure workarounds or not bother at all.  So
convenience and ease of use are important factors in a truly secure
toolset.  Unfortunately, extensions like noscript are too inconvenient
for regular users to adopt these days :(  So we need to make sure that
the most common paths that *do* get used have all the sharp edges taken
off and can be handled safely.  This is why there is page vs. chrome
javascript sandboxing (as the_glu mentioned) and other similar
approaches.  Where those approaches are inadequate, we need to fix them,
even as we provide alternatives like noscript for folks who are willing
to take the inconvenient path.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/79771371/attachment.bin>

From jmoore3rd at bellsouth.net  Tue Aug 25 10:13:58 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 25 Aug 2009 13:13:58 -0400
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
Message-ID: <4A941BD6.9040501@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I ask because I am interested to learn if those Users experimenting with
this combination of Nightly Builds are experiencing any of these behaviors:

'Message Loading' occurs slowly, particularly when Enigmail calls GPG?

The following 'Message Screen' appears with regularity:

A script on this page may be busy, or it may have stopped responding.
You can stop the script now, or you can continue to see if the script
will complete.

Script:
file:///C:/Documents%20and%20Settings/Compaq_Owner/Application%20Data/Thunderbird/Profiles/lk476ntg.default/extensions/%7B847b3a00-7ab1-11d4-8f02-006008948af5%7D/components/enigmail.js:362

Usually clicking the 'Continue Script' button works without problem.

Additionally, earlier today I inadvertently clicked the [-] button on
the Enigmail Bar and after collapsing from 2 lines to 1 the [+] does not
appear and the Enigmail Bar cannot be re-expanded.  I have attempted
Re-Starting T-Bird, reinstalling Enigmail and reinstalling Tb3.0b4 with
today's Build.  All efforts to date result in 'No Joy'.

I accept that some of My issues are probably the result of using 'Force
Install' on a handful of incompatible Extensions but am curious to learn
if anyone else has experienced similar experiences with their
installations.

TIA

JOHN ;)
Timestamp: Tuesday 25 Aug 2009, 13:13  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKlBvRAAoJEBCGy9eAtCsP9wcH/iL8Jey30AfGCCmpeTdinIB0
Iw5kZPh7VjtMGtPsTfomVP7eIALFRKK0jGsNxc4LPi2d0OqWIC8IDFjHszCsjaN6
hsn2X3nNazFp+PSmtcFmQmD84ust8vovNx2t0lLHZ+pU8GT5SAH59RCVOy20noVJ
eKnQjFm1K20mQOAFo3MZVGha6PtQaKdUgCGhY/3sfdSH1SNu26KiDCe0dMp8xO3x
QgE6dyUrFf5FA9cmUC1nSy4qyBy/9+gdQV4k/GtrIiaRlI+SUiCq+ws45AtMMruX
PZ5sjjNVrgNQ7YOK7kcFk4srmdpgHt044sS8WJp2j8uxVVSnHRgxxuNc5X7Rj9I=
=vWoP
-----END PGP SIGNATURE-----

From christophegger at freenet.de  Tue Aug 25 12:13:56 2009
From: christophegger at freenet.de (Christoph Egger)
Date: Tue, 25 Aug 2009 21:13:56 +0200
Subject: [Enigmail] gmail?
In-Reply-To: <4A917F7E.3020209@gmail.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>
	<4A917F7E.3020209@gmail.com>
Message-ID: <4A9437F4.1070703@freenet.de>

Allen Schultz schrieb:
> John W. Moore III wrote:
>> I like the Frontend GPGshell [http://www.jumaros.de/rsoft/index.html]
>> but there are many frontends and folks have different preferences.
> 
> I like this program as well. Is there an equal equivalent to this
> program on the GNU/Linux platform? Especially the feature when you edit
> a key, it reverts back to the CLI editing of the key?
> 

KGPG has a Edit Key in Terminal Button. No idea in how far this is
appropriate, my experience with GPGshell and GPG on Windows dates back
to ~2003 ;)

Regards

	Christoph

-- 
/"\  ASCII Ribbon : GPG-Key ID: 0x0372275D
\ /    Campaign   : GPG 4096R : 0xD49AE731
 X   against HTML : Debian NM
/ \   in eMails   : http://www.debian.org/

http://www.christoph-egger.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 264 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090825/693c7f18/attachment.bin>

From david at gbenet.com  Tue Aug 25 12:31:03 2009
From: david at gbenet.com (david)
Date: Tue, 25 Aug 2009 20:31:03 +0100
Subject: [Enigmail] multiple copies of public key
In-Reply-To: <4A9437F4.1070703@freenet.de>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>	<4A917F7E.3020209@gmail.com>
	<4A9437F4.1070703@freenet.de>
Message-ID: <4A943BF7.9010607@gbenet.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,

I'm using MS$ XP at the moment. In advanced settings one can enable to
attach one' public key. When I do this and start a reply I get up to 8
file attachments of my public key. I have disabled the option.

Any ideas would be helpful,

David

- --
Confidentiality Statement

Wisdom is knowing what to do with what you know. This message and any
attachments are solely for the intended recipient and may containing
confidential or privileged information. If you are not the intended
recipient, any disclosure, copying, use, or distribution of the
information included in this message and any attachments is prohibited.
If you have received this communication in error e-mail
postmaster at gbenet.compful. Thank you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqUO/cACgkQYvuE3Ov+SsBxtgCfcu9S4jnEn3VxxYwcUCk0dhp9
PO0An0+SPLVWXgGxgtI5FO6Ly4/7pOuo
=pBlB
-----END PGP SIGNATURE-----

From chriechers at netscape.net  Tue Aug 25 14:36:21 2009
From: chriechers at netscape.net (Christian Riechers)
Date: Tue, 25 Aug 2009 23:36:21 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <mailman.2145.1251220460.63231.enigmail@mozdev.org>
References: <mailman.2145.1251220460.63231.enigmail@mozdev.org>
Message-ID: <h71lgh$q0s$1@mozdev.mozdev.org>

On 08/25/2009 07:13 PM, John W. Moore III wrote:
> I ask because I am interested to learn if those Users experimenting with
> this combination of Nightly Builds are experiencing any of these behaviors:
> 
> 'Message Loading' occurs slowly, particularly when Enigmail calls GPG?
> 
> The following 'Message Screen' appears with regularity:
> 
> A script on this page may be busy, or it may have stopped responding.
> You can stop the script now, or you can continue to see if the script
> will complete.
> 
> Script:
> file:///C:/Documents%20and%20Settings/Compaq_Owner/Application%20Data/Thunderbird/Profiles/lk476ntg.default/extensions/%7B847b3a00-7ab1-11d4-8f02-006008948af5%7D/components/enigmail.js:362
> 
> Usually clicking the 'Continue Script' button works without problem.
> 
> Additionally, earlier today I inadvertently clicked the [-] button on
> the Enigmail Bar and after collapsing from 2 lines to 1 the [+] does not
> appear and the Enigmail Bar cannot be re-expanded.  I have attempted
> Re-Starting T-Bird, reinstalling Enigmail and reinstalling Tb3.0b4 with
> today's Build.  All efforts to date result in 'No Joy'.
> 
> I accept that some of My issues are probably the result of using 'Force
> Install' on a handful of incompatible Extensions but am curious to learn
> if anyone else has experienced similar experiences with their
> installations.
> 
> TIA
> 
> JOHN ;)
> Timestamp: Tuesday 25 Aug 2009, 13:13  --400 (Eastern Daylight Time)

I'm using Shredder/3.0b4pre with Enigmail 0.97a. The challenge was to
get it working properly with gpg2. This is on OpenSuSE Linux 11.1.
It is now working fine, and I do not see any of the issues you describe.

-- 
Christian

From olav at seyfarth.de  Tue Aug 25 22:35:47 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Wed, 26 Aug 2009 07:35:47 +0200
Subject: [Enigmail] multiple copies of public key
In-Reply-To: <4A943BF7.9010607@gbenet.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>	<4A917F7E.3020209@gmail.com>	<4A9437F4.1070703@freenet.de>
	<4A943BF7.9010607@gbenet.com>
Message-ID: <4A94C9B3.9000206@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi David,

> In advanced settings I enabled 'attach my public key'.
> When I reply I get up to 8 file attachments of my public key.

is that on first clicking REPLY or after cancelling any
confirmation dialog multiple times.

Another thing to make sure is that you explicitely choose
your key in Account Settings.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqUya4ACgkQL/NBt8fdKe0R8ACfQ6wc12WV8wctkeBVbV0qr90p
yg4An3l7QfpUwtQ4qX6tnEPt2L4D1iHy
=Mvpb
-----END PGP SIGNATURE-----

From mlisten at hammernoch.net  Tue Aug 25 23:16:48 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Wed, 26 Aug 2009 08:16:48 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A941BD6.9040501@bellsouth.net>
References: <4A941BD6.9040501@bellsouth.net>
Message-ID: <4A94D350.40703@hammernoch.net>

Hi,

John W. Moore III wrote on 25.08.09 19:13:
> I ask because I am interested to learn if those Users experimenting with
> this combination of Nightly Builds are experiencing any of these behaviors:
> 
> 'Message Loading' occurs slowly, particularly when Enigmail calls GPG?

TB3b seems to be a bit slower than TB2 in general, but not excessively.
Enigmail actions are also a bit slower compared to the old TB2.

> The following 'Message Screen' appears with regularity:
> 
> A script on this page may be busy, or it may have stopped responding.
> You can stop the script now, or you can continue to see if the script
> will complete.
> 
> Script:
> file:///C:/Documents%20and%20Settings/Compaq_Owner/Application%20Data/Thunderbird/Profiles/lk476ntg.default/extensions/%7B847b3a00-7ab1-11d4-8f02-006008948af5%7D/components/enigmail.js:362
> 
> Usually clicking the 'Continue Script' button works without problem.

Same behaviour here on Mac OS X (10.5.8), but it comes rarely, only when
I have enigmail/gpg relevant actions in periods of heavy background load
on the processor(s). The script did always complete properly after I
allowed it. I assume that there is a protection against hanging scripts
built in the new TB3b. Not sure if enigmail can increase the timeout
setting or something similar to make that message never come.

Second thought: This always happens during decrypt/encrypt operations
and not during key management. Loading my relatively large keyring
always takes longer than en/decrypting. Maybe because there's a separate
thread within enigmail for key management?

> Additionally, earlier today I inadvertently clicked the [-] button on
> the Enigmail Bar and after collapsing from 2 lines to 1 the [+] does not
> appear and the Enigmail Bar cannot be re-expanded.  I have attempted
> Re-Starting T-Bird, reinstalling Enigmail and reinstalling Tb3.0b4 with
> today's Build.  All efforts to date result in 'No Joy'.

Never had such a thing. It always collapses and expands properly.

> I accept that some of My issues are probably the result of using 'Force
> Install' on a handful of incompatible Extensions but am curious to learn
> if anyone else has experienced similar experiences with their
> installations.

Maybe the collapse/expand issue is due to your "old" extensions. Are
they enabled? The only extension installed here besides enigmail is the
calender "lightning" nightly build, designed for TB3 and preceding betas.

HTH

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090826/d0e6bdc4/attachment.bin>

From david at gbenet.com  Tue Aug 25 23:42:27 2009
From: david at gbenet.com (david)
Date: Wed, 26 Aug 2009 07:42:27 +0100
Subject: [Enigmail] multiple copies of public key
In-Reply-To: <4A94C9B3.9000206@seyfarth.de>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>	<4A917F7E.3020209@gmail.com>	<4A9437F4.1070703@freenet.de>	<4A943BF7.9010607@gbenet.com>
	<4A94C9B3.9000206@seyfarth.de>
Message-ID: <4A94D953.9020001@gbenet.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Clav,

Nope, just seems a matter of time. The longer it takes me to type an
email the more public keys.

David

Olav Seyfarth wrote:
> Hi David,
> 
>> In advanced settings I enabled 'attach my public key'.
>> When I reply I get up to 8 file attachments of my public key.
> 
> is that on first clicking REPLY or after cancelling any
> confirmation dialog multiple times.
> 
> Another thing to make sure is that you explicitely choose
> your key in Account Settings.
> 
> 
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

- ------------------------------------------------------------------------


No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.409 / Virus Database: 270.13.66/2325 - Release Date:
08/25/09 06:08:00


- --
Confidentiality Statement

Wisdom is knowing what to do with what you know. This message and any
attachments are solely for the intended recipient and may containing
confidential or privileged information. If you are not the intended
recipient, any disclosure, copying, use, or distribution of the
information included in this message and any attachments is prohibited.
If you have received this communication in error e-mail
postmaster at gbenet.com. Thank you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqU2VMACgkQYvuE3Ov+SsBFsQCfX3FLZQs8LpaSTH/1tBnA5vjJ
Yr4AnjOc4doyiS09X4we+G1ejg4rb2T/
=oqME
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xEBFE4AC0.asc
Type: application/pgp-keys
Size: 3447 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090826/bd732505/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xEBFE4AC0.asc
Type: application/pgp-keys
Size: 3447 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090826/bd732505/attachment-0001.bin>
-------------- next part --------------

No virus found in this outgoing message.
Checked by AVG - www.avg.com 
Version: 8.5.409 / Virus Database: 270.13.66/2325 - Release Date: 08/25/09 06:08:00

From olav at seyfarth.de  Tue Aug 25 23:56:06 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Wed, 26 Aug 2009 08:56:06 +0200
Subject: [Enigmail] multiple copies of public key
In-Reply-To: <4A94D953.9020001@gbenet.com>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>	<4A917F7E.3020209@gmail.com>	<4A9437F4.1070703@freenet.de>	<4A943BF7.9010607@gbenet.com>	<4A94C9B3.9000206@seyfarth.de>
	<4A94D953.9020001@gbenet.com>
Message-ID: <4A94DC86.20605@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi David,

> Nope, just seems a matter of time. The longer it takes me to type an
> email the more public keys.

that points to autosave - any special settings or AddOns that might
have influence? Please test by installing just TB+EM in a new profile.
Do you know how to do that without losing your current profile?

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqU3IQACgkQL/NBt8fdKe3O7gCgl/IQgEslrQjLfwsHXN8+6L4X
9AkAmwYSsK99vMjCGBArE71zV/HR5zXq
=MHpe
-----END PGP SIGNATURE-----

From afb at paradise.net.nz  Wed Aug 26 16:50:27 2009
From: afb at paradise.net.nz (Adam Bogacki)
Date: Thu, 27 Aug 2009 11:50:27 +1200
Subject: [Enigmail] Lenny: IceApe Enigmail ?
Message-ID: <20090826235027.GA3799@paradise.net.nz>

Hi, can anyone point me to a source for Enigmail
for IceApe on Lenny ?

Adam Bogacki,
afb at paradise.net.nz


From christophegger at freenet.de  Thu Aug 27 00:50:15 2009
From: christophegger at freenet.de (Christoph Egger)
Date: Thu, 27 Aug 2009 09:50:15 +0200
Subject: [Enigmail] Lenny: IceApe Enigmail ?
In-Reply-To: <20090826235027.GA3799@paradise.net.nz>
References: <20090826235027.GA3799@paradise.net.nz>
Message-ID: <4A963AB7.7060603@freenet.de>

Adam Bogacki schrieb:
> Hi, can anyone point me to a source for Enigmail
> for IceApe on Lenny ?
> 
> Adam Bogacki,
> afb at paradise.net.nz

	Just a sidenote: There's no IceApe on Lenny[0], it was removed there
quite some time before the offical release. Perhapes time to move to
something else as there won't be any security updates?

Regards

	Christoph

[0] http://packages.debian.org/search?keywords=iceape
-- 
/"\  ASCII Ribbon : GPG-Key ID: 0x0372275D
\ /    Campaign   : GPG 4096R : 0xD49AE731
 X   against HTML : Debian NM
/ \   in eMails   : http://www.debian.org/

http://www.christoph-egger.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 264 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090827/eb4dca92/attachment.bin>

From david at gbenet.com  Thu Aug 27 02:09:27 2009
From: david at gbenet.com (david)
Date: Thu, 27 Aug 2009 10:09:27 +0100
Subject: [Enigmail] multiple copies of public key
In-Reply-To: <4A94DC86.20605@seyfarth.de>
References: <4A8FFDC3.7040608@robinlea.com>	<4A901E57.5050803@comcast.net>	<4A90CD4C.9070108@robinlea.com>	<4A90CEFC.7090904@bellsouth.net>	<4A917F7E.3020209@gmail.com>	<4A9437F4.1070703@freenet.de>	<4A943BF7.9010607@gbenet.com>	<4A94C9B3.9000206@seyfarth.de>	<4A94D953.9020001@gbenet.com>
	<4A94DC86.20605@seyfarth.de>
Message-ID: <4A964D47.3080803@gbenet.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Clav,

Have no other addons other then enigmail

david

Olav Seyfarth wrote:
> Hi David,
> 
>> Nope, just seems a matter of time. The longer it takes me to type an
>> email the more public keys.
> 
> that points to autosave - any special settings or AddOns that might
> have influence? Please test by installing just TB+EM in a new profile.
> Do you know how to do that without losing your current profile?
> 
> Olav
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

- ------------------------------------------------------------------------


No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.409 / Virus Database: 270.13.66/2325 - Release Date:
08/25/09 06:08:00


- --
Confidentiality Statement

Wisdom is knowing what to do with what you know. This message and any
attachments are solely for the intended recipient and may containing
confidential or privileged information. If you are not the intended
recipient, any disclosure, copying, use, or distribution of the
information included in this message and any attachments is prohibited.
If you have received this communication in error e-mail
postmaster at gbenet.com. Thank you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqWTUcACgkQYvuE3Ov+SsCwBACg56/YU3+qhBNSB6l1ZEnrZgwV
AfYAoJghu4au29ql55gN2oUCbtlYFfpE
=xm+y
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xEBFE4AC0.asc
Type: application/pgp-keys
Size: 3447 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090827/ad1a0772/attachment.bin>
-------------- next part --------------

No virus found in this outgoing message.
Checked by AVG - www.avg.com 
Version: 8.5.409 / Virus Database: 270.13.69/2328 - Release Date: 08/26/09 12:16:00

From afb at paradise.net.nz  Fri Aug 28 00:49:16 2009
From: afb at paradise.net.nz (Adam Bogacki)
Date: Fri, 28 Aug 2009 19:49:16 +1200
Subject: [Enigmail] Lenny: IceApe Enigmail ?
Message-ID: <4A978BFC.5080707@paradise.net.nz>

>
> Date: Thu, 27 Aug 2009 09:50:15 +0200
> From: Christoph Egger <christophegger at freenet.de>
> Subject: Re: [Enigmail] Lenny: IceApe Enigmail ?
> .. snip ..
>
> Adam Bogacki schrieb:
> > Hi, can anyone point me to a source for Enigmail
> > for IceApe on Lenny ?
> >
> > Adam Bogacki,
> > afb at paradise.net.nz
>
>         Just a sidenote: There's no IceApe on Lenny[0], it was
> removed there
> quite some time before the offical release. Perhapes time to move to
> something else as there won't be any security updates?
> Regards
>
>         Christoph
>
> [0] http://packages.debian.org/search?keywords=iceape
> --
> /"\  ASCII Ribbon : GPG-Key ID: 0x0372275D
> \ /    Campaign   : GPG 4096R : 0xD49AE731
>  X   against HTML : Debian NM
> / \   in eMails   : http://www.debian.org/
>
> http://www.christoph-egger.org/
With all due respect to Christoph, this message has been sent
by IceApe Mail on lenny .. sans enigmail.

However, without properly configured enigmail it cannot be [digitally] 
signed
and is insecure.

Regards,

Adam Bogacki,
afb at paradise.net.nz





From andy.ruddock at rainydayz.org  Fri Aug 28 06:25:19 2009
From: andy.ruddock at rainydayz.org (Andy Ruddock)
Date: Fri, 28 Aug 2009 14:25:19 +0100
Subject: [Enigmail] Lenny: IceApe Enigmail ?
Message-ID: <4A97DABF.30607@rainydayz.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Adam Bogacki wrote:
>>
>> Date: Thu, 27 Aug 2009 09:50:15 +0200
>> From: Christoph Egger <christophegger at freenet.de>
>> Subject: Re: [Enigmail] Lenny: IceApe Enigmail ?
>> .. snip ..
>>
>> Adam Bogacki schrieb:
>> > Hi, can anyone point me to a source for Enigmail
>> > for IceApe on Lenny ?
>> >
>> > Adam Bogacki,
>> > afb at paradise.net.nz
>>
>>         Just a sidenote: There's no IceApe on Lenny[0], it was
>> removed there
>> quite some time before the offical release. Perhapes time to move to
>> something else as there won't be any security updates?
>> Regards
>>
>>         Christoph
>>
>> [0] http://packages.debian.org/search?keywords=iceape
>> --
>> /"\  ASCII Ribbon : GPG-Key ID: 0x0372275D
>> \ /    Campaign   : GPG 4096R : 0xD49AE731
>>  X   against HTML : Debian NM
>> / \   in eMails   : http://www.debian.org/
>>
>> http://www.christoph-egger.org/
> With all due respect to Christoph, this message has been sent
> by IceApe Mail on lenny .. sans enigmail.
>
> However, without properly configured enigmail it cannot be [digitally]
> signed
> and is insecure.
>
> Regards,
>
> Adam Bogacki,
> afb at paradise.net.nz

But IceApe is no longer in the Debian repositories for Lenny (last
version of IceApe for Debian is 1.0.13 for etch). So you may have it
from a previous Debian install - maybe you upgraded from etch - but it's
no longer getting security updates from Debian.
Interestingly, although not in the repositories for Lenny (the stable
Debian distribution) it *is* in the repositories for Sid (the unstable
Debian distribution) at version 1.1.17.

- --
Andy Ruddock
- ------------
andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqX2r8ACgkQfSkWkaYi1FITgACcCbzY/KjYwQ+Wfi77vNMu9mSM
aI8An3wx4U5HwRUz3yUGLHlqpeYbQzIR
=InoU
-----END PGP SIGNATURE-----

From christophegger at freenet.de  Fri Aug 28 06:39:32 2009
From: christophegger at freenet.de (Christoph Egger)
Date: Fri, 28 Aug 2009 15:39:32 +0200
Subject: [Enigmail] Lenny: IceApe Enigmail ?
In-Reply-To: <4A97DABF.30607@rainydayz.org>
References: <4A97DABF.30607@rainydayz.org>
Message-ID: <4A97DE14.3000101@freenet.de>

Andy Ruddock schrieb:
> 
> But IceApe is no longer in the Debian repositories for Lenny (last
> version of IceApe for Debian is 1.0.13 for etch). So you may have it
> from a previous Debian install - maybe you upgraded from etch - but it's
> no longer getting security updates from Debian.
> Interestingly, although not in the repositories for Lenny (the stable
> Debian distribution) it *is* in the repositories for Sid (the unstable
> Debian distribution) at version 1.1.17.
> 

	Yes, IceApe was removed from testing/stable for the lack of people
volunteering to security support jet another mozilla package with
different xul, ..., no need to remove it from unstable though as there's
no security support for unstable anyway.

Regards

	Christoph

-- 
/"\  ASCII Ribbon : GPG-Key ID: 0x0372275D
\ /    Campaign   : GPG 4096R : 0xD49AE731
 X   against HTML : Debian NM
/ \   in eMails   : http://www.debian.org/

http://www.christoph-egger.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 264 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090828/6cb112be/attachment.bin>

From patrick at mozilla-enigmail.org  Sat Aug 29 02:42:28 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sat, 29 Aug 2009 11:42:28 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A94D350.40703@hammernoch.net>
References: <4A941BD6.9040501@bellsouth.net> <4A94D350.40703@hammernoch.net>
Message-ID: <4A98F804.6040804@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ludwig H?gelsch?fer wrote:
> 
> Never had such a thing. It always collapses and expands properly.
> 
>> I accept that some of My issues are probably the result of using 'Force
>> Install' on a handful of incompatible Extensions but am curious to learn
>> if anyone else has experienced similar experiences with their
>> installations.
> 
> Maybe the collapse/expand issue is due to your "old" extensions. Are
> they enabled? The only extension installed here besides enigmail is the
> calender "lightning" nightly build, designed for TB3 and preceding betas.


I would try deleting localstore.rdf in your profile directory while
Thunderbird is not running. I have had similar problems a while ago,
caused by that the file being corrupt.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSpj4A3cOpHodsOiwAQjr+Qf/VhzSDh9nU9axl3T4fobwoPMDxelzayOw
sQcgfzjIu9uk+y6xU9utnnZYMYxQR3fZKMBFnQeHup5VcGHC98A6C/6odW30oa5W
IqugvVRAT/t+8qIw6RitSuyjS7Irh+IWycoD7i1uiqi5hV2uXsOg4Te9NajzTVZO
qBjWEvBxO9c7r0ZNGUeYY3d8J7aP0oB7M52TXvb1j2lBqhEKh+Q+Q3NNTHuo/w8C
RRoEFaaeUF43nzyDbXSl1l0LX6Pfk70zWRqGaR/tElDNg2b2A1ODXlKf1m8eXyaS
BucWCqx5pNe1Eo8WdW0vOrA0LQWzYhb/VjIXzX597tmg9+Mhv4+5lw==
=IidB
-----END PGP SIGNATURE-----

From ludovic at mozillamessaging.com  Sat Aug 29 02:43:45 2009
From: ludovic at mozillamessaging.com (Ludovic Hirlimann)
Date: Sat, 29 Aug 2009 11:43:45 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A98F804.6040804@mozilla-enigmail.org>
References: <4A941BD6.9040501@bellsouth.net> <4A94D350.40703@hammernoch.net>
	<4A98F804.6040804@mozilla-enigmail.org>
Message-ID: <4A98F851.5030206@mozillamessaging.com>

On 8/29/09 11:42 AM, Patrick Brunschwig wrote:
> Ludwig H?gelsch?fer wrote:
>
> > Never had such a thing. It always collapses and expands properly.
>
> >> I accept that some of My issues are probably the result of using 'Force
> >> Install' on a handful of incompatible Extensions but am curious to
> learn
> >> if anyone else has experienced similar experiences with their
> >> installations.
>
> > Maybe the collapse/expand issue is due to your "old" extensions. Are
> > they enabled? The only extension installed here besides enigmail is the
> > calender "lightning" nightly build, designed for TB3 and preceding
> betas.
>
>
> I would try deleting localstore.rdf in your profile directory while
> Thunderbird is not running. I have had similar problems a while ago,
> caused by that the file being corrupt.
>
> -Patrick

That's a known bug and it's being worked on for b4.

-- 
http://perso.hirlimann.net/~ludo/blog/
http://flickr.com/photos/lhirlimann

-- 
Ludovic Hirlimann MozillaMessaging QA lead
http://www.spreadthunderbird.com/aff/79/2



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090829/19f360f2/attachment.bin>

From jmoore3rd at bellsouth.net  Sat Aug 29 05:59:26 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sat, 29 Aug 2009 08:59:26 -0400
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A98F804.6040804@mozilla-enigmail.org>
References: <4A941BD6.9040501@bellsouth.net> <4A94D350.40703@hammernoch.net>
	<4A98F804.6040804@mozilla-enigmail.org>
Message-ID: <4A99262E.2010208@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Patrick Brunschwig wrote:

> I would try deleting localstore.rdf in your profile directory while
> Thunderbird is not running. I have had similar problems a while ago,
> caused by that the file being corrupt.

Done, however, all that changed was the absence of _all_ extensions.
After re-installing the current Enigmail Nightly the same behavior
presents.  Single line Enigmail Bar with no opportunity to 'expand' to 2
lines.  :-\

I did find 2 localstore Files.  One was localstore-1.rdf which was
totally empty.  I have removed this as well.

Oh Well, I'm becoming used to the single line.

JOHN ;)
Timestamp: Saturday 29 Aug 2009, 08:57  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKmSYrAAoJEBCGy9eAtCsPZRMH+gJZD6Bf/uoZOEFqguFCH1XM
V8tSfR3W8SuBhCs42KJBg0mwJf1K3HlzV/8Bhb0AHr1rngayQnxVztqg563lNPK5
C+E2JZBzgDrn4qdN3WcHtH4CvDT4Cqpqbxfd2MHnjc3hOeRdTa+TigqRMQmx6r+7
cAgLZ2ZgWlpwb1iyNIH4RHVHPxdZ9Fc5vJQWsFZ7kkW91eh2bKnaQ2ZtkrHrYMMw
WeGdCR3dS/boIWj62Oxk+l/dWiTEia7ODNzsiJgRzop/MexpuDYER9H3mM+Wg9ZN
E3cAds/Pxd+3/JHTdu+an3RVENccyoqFZRS6tOL4wnQfUl/SA2gB/8E/oa6JZq0=
=kzqY
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Sat Aug 29 08:38:39 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sat, 29 Aug 2009 17:38:39 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A99262E.2010208@bellsouth.net>
References: <4A941BD6.9040501@bellsouth.net>
	<4A94D350.40703@hammernoch.net>	<4A98F804.6040804@mozilla-enigmail.org>
	<4A99262E.2010208@bellsouth.net>
Message-ID: <4A994B7F.3040804@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

John W. Moore III wrote:
> Patrick Brunschwig wrote:
> 
>> I would try deleting localstore.rdf in your profile directory while
>> Thunderbird is not running. I have had similar problems a while ago,
>> caused by that the file being corrupt.
> 
> Done, however, all that changed was the absence of _all_ extensions.
> After re-installing the current Enigmail Nightly the same behavior
> presents.  Single line Enigmail Bar with no opportunity to 'expand' to 2
> lines.  :-\
> 
> I did find 2 localstore Files.  One was localstore-1.rdf which was
> totally empty.  I have removed this as well.
> 
> Oh Well, I'm becoming used to the single line.

Strange, this works for me without any problems with today's nightly
builds of Shredder and Enigmail on Linux. However, on Windows the
required icon is missing, obviously making it impossible to change the
size of the bar. Up to now I used a standard icons from Thunderbird, I
assume that I'll have to switch to something different.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSplLfncOpHodsOiwAQg+CAgAiY/aEGpyWXdn6o2CFhK7NBXYEgWyaRqU
4GkFgQ/XWPBxc/9TOT0DHcK7qBFrVJxGIhSS95HWR0MurNcTlpLjhdbcFqEu3xFr
KDWYz5R+VsKfQbwADAd7+P8sdmlkVpcwjX33uqN9QxBQNCFVl8DoV2+r6f/iahqW
bORZr2pP2vhdtd815v/CSTxULx+SMRVBau562BlVEYCT+KcIFQZHsDhxLSfkQ6LJ
UEpjIOmqxIOMEsA24hWuIE/GtMpoff1UjzJCrus4b0YVzdh4KKW12PoNxiTLmB1t
r7ZXi2CHRXnSSWg8wK173+ornYly3SR0AukxVbQXK0auUvTIsXF3sg==
=TtRc
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Sat Aug 29 09:13:21 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sat, 29 Aug 2009 18:13:21 +0200
Subject: [Enigmail] Anybody Here Using Tb3.0b3/4 with Enigmail 0.97a?
In-Reply-To: <4A994B7F.3040804@mozilla-enigmail.org>
References: <4A941BD6.9040501@bellsouth.net>	<4A94D350.40703@hammernoch.net>	<4A98F804.6040804@mozilla-enigmail.org>	<4A99262E.2010208@bellsouth.net>
	<4A994B7F.3040804@mozilla-enigmail.org>
Message-ID: <4A9953A1.5090304@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Patrick Brunschwig wrote:
> John W. Moore III wrote:
>> Patrick Brunschwig wrote:
> 
>>> I would try deleting localstore.rdf in your profile directory while
>>> Thunderbird is not running. I have had similar problems a while ago,
>>> caused by that the file being corrupt.
>> Done, however, all that changed was the absence of _all_ extensions.
>> After re-installing the current Enigmail Nightly the same behavior
>> presents.  Single line Enigmail Bar with no opportunity to 'expand' to 2
>> lines.  :-\
> 
>> I did find 2 localstore Files.  One was localstore-1.rdf which was
>> totally empty.  I have removed this as well.
> 
>> Oh Well, I'm becoming used to the single line.
> 
> Strange, this works for me without any problems with today's nightly
> builds of Shredder and Enigmail on Linux. However, on Windows the
> required icon is missing, obviously making it impossible to change the
> size of the bar. Up to now I used a standard icons from Thunderbird, I
> assume that I'll have to switch to something different.

It is as I thought, the icons I used to reference are no longer
available in TB 3 on Windows. I have added the icons locally into
Enigmail; tomorrow's nightly build should be fine again.

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSplToHcOpHodsOiwAQg8Kwf/RvEeWCyx7aIHkU7rw58zpvGfK9eO5c3b
8608DKN2rld3Zu4X6L4dKY37rcBisX8XqM2lJHLGITRs5K9YIS8GvAXVf5lrkABo
Y+st4r45hPo674w+Odjvq8Uho/Oh28k45fliDzzNr2syImXzhLgcPOJmdl+z1EPU
5OgS3wgGo80qtUWaJ4GglYWqPG2jfVArUBmld55MTvb3dVuAZr/lQCHEF6QMSydv
4aS4drUCYeYkg2IOB9FPAaf7aSWSLX9KV/uwJzzGdON3e4w90pE0chSX/BwbCqlZ
mspR65VSEkWnDnOCFDDqYnqvq3gk433v1SYGJNiuKFPqre2qTEGBwQ==
=5Lzb
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Sat Aug 29 21:38:20 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Sun, 30 Aug 2009 00:38:20 -0400
Subject: [Enigmail] Nightly Build Corrects Enigmail Bar
Message-ID: <4A9A023C.4010804@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Enigmail version 0.97a (20090830-0554) indeed does have the [+] icon
available and expands the Enigmail Bar.

Thank You, Patrick!  Even though I was getting used to the single line
Enigmail Bar I am thrilled to have the expanded Bar back.  :-D

JOHN ;)
Timestamp: Sunday 30 Aug 2009, 00:38  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5124: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKmgI0AAoJEBCGy9eAtCsPTRcH/Rho7WGmUkI/H3G903ODRsSn
KvIPrG9YdiYxcQYWrZB/j6tcJlEeGciNcUCzqsqmX0+o+r5FWkH0XB7YekbExePQ
YfxwDIY7V2o3HnTau285727V7H2JrukIDfZQ/PYSoWtl0Uyb4TmZao+OO3JrZOm0
+AApRFjrc/U5CbzQuvROBoe03DR8Qsgyp9LkffFyT50IsZkyFhEjIWg/JkbFSkNa
2KSX1LjjZcwQhzHgolvfo5OPAoLPmrStzUQNvc+tCE3y872Afwy4lzgMtmOsk1DC
PJcgrpcAKCM1MHa1W1PPj/ShAgsFKKHG9ymu76f4dq/e8Z1TUBsXidlzYMMg6DA=
=yuOU
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Sun Aug 30 04:15:50 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Sun, 30 Aug 2009 13:15:50 +0200
Subject: [Enigmail] Nightly Build Corrects Enigmail Bar
In-Reply-To: <4A9A5ABE.2080401@hammernoch.net>
References: <4A9A023C.4010804@bellsouth.net> <4A9A5ABE.2080401@hammernoch.net>
Message-ID: <4A9A5F66.7020109@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ludwig H?gelsch?fer wrote:
> John W. Moore III wrote on 30.08.09 06:38:
>> Enigmail version 0.97a (20090830-0554) indeed does have the [+] icon
>> available and expands the Enigmail Bar.
>>
>> Thank You, Patrick!  Even though I was getting used to the single line
>> Enigmail Bar I am thrilled to have the expanded Bar back.  :-D
> 
> ;-)
> 
> Works also on Mac OS X. However, the icon "jumps" up and down a few
> pixels when clicking, so when toggling between expanded and collapsed
> view, one has to move the mouse. I'd prefer the icon to stay on place or
> a bigger icon.
> 
> Don't know how it behaves on Linux and Windows, though.

Same behavior on all platforms. I haven't found out yet how to keep the
icon in the top left corner, it's currently always relative to the
"OpenPGP:" header.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSppfZXcOpHodsOiwAQg0nQf8D67vh9XlLnnDoULnaAyYlVV/y3zrChey
9wynfYDXVGbfJahjsdWAFYnhxs7rKx6tRhA7etcu8hf9AukMOOJu9b0kA60hRUrS
3ZqxdIe1PGX2dfwrvhUcFb6mTvjTUx4Yx6aVLVBvaXqYBQre7V88NI8P4nFp5OQ2
FbRVNZSicHxikuPwNfn+AyDoD6XQDPzwce11vzm6XtgEaLFVDCdyqOHGxH4TAfPA
2CH6y1L9hku71mkr51a042lmsUxAbMHHuH0wpia2ULp9T5GreHM4pNel3ncKYjVv
eBvRtyF2o0RJ0T00ys7SkjDlkk7W2NyztScIIRhS7HGMqmLa0SyLGQ==
=xsG3
-----END PGP SIGNATURE-----