On 02/25/16, mark lewis pondered and said...

i forget if this echo is the discussion or the key sharing echo... i didn't even pay attention when i first responded... there's two echos in fidonet for public key stuffs...

Yep it's the discussion echo and I have posted my public key (I hope) to the other echo but will do so here also.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mQENBFbQA4wBCADFCy9Zf4wNaD6WHdSM2NujhEol4TcIuQrJuJdZOAw4OzGoi3ln UPUFRpzmQI8da7AYbnyHz8qTA0y+Bjstor6Xh3Vaxf48+f/LRelJ+9WillaLXm4g BstEDQOXW/q2EIGkVjtLxlHaL4z/nDa3ehoSStbVtUqDWF06Tj22rcDFO4NkdvQg Gn4/Om/izVB032hCxn+hBmsKLAoB05bZDWzqOdAVGjYDipa4bYZoAyRRz82n25Og qI/kYOb/OkHOqtBjXFsqpvr0MdypysWeQb+3ei8WMDLiSuUt1x/a4eLeIEreTkjj wB/oGTJQz+MkG8Hw5F1+t3taCSgi2zh//lG/ABEBAAG0HlBhdWwgSGF5dG9uIDxh dm9uQGJicy5nZWVrLm56PokBOQQTAQgAIwUCVtADjAIbAwcLCQgHAwIBBhUIAgkK CwQWAgMBAh4BAheAAAoJELgXKggMEBiWgsoH/0D7tw76nGryjuOD8c8aUJtei7+i hupnxnteKmz1ySrO0DXEUtDRPc8fJysRKnqMNUPjeoAqgMzmD1FQcTxhomkd5PpN 5Ze0rwr6zHSkmfM98TC/bGv668PnnahopDkZbpb5tbmtNT6s5p/ICoT1qB0/J8ac gKa734ZenseW2nWQNF2QVQAiaw9J9bZ8PqY2hEkGCepKOTBfynQP3u16fBB1VY+q +b0DbPQ4B3MdSIkIysU+ZrOzSsGySEC65HXPTq7GLy3hN/9V0qzWPAjgGgEK6Lc8 f4ZyrW+pRHkBzlD7xg54uASrIc6OJ98+stg6XmNo4jjOeQdzWF2PoVaUkVe5AQ0E VtADjAEIAJp1Km/m5JX/mR8l1z++ulkvJ2oMxj2GqxupgMNRs5PWbBLgnsJx/RfS qbULI1oLMczooHGRm+W5GNMfXCnTMrAbbpbYJwUVypfha8ZLqyRwXoCvEJ3ZNz2k y7PTZ1BSMfCVASKLMZ2ShXjJy+WYoMADPSBxr1NGGFllSACr+bOOWhNhdbIA6tvG J06IssvqMXWvGq5NoG3EfmuVC/icrGoUFz+Muuo9LsNkXQjavUFfhhBMMuMRjPKB CbTp0bxcQFKV2HmVeKQ5JUvtlKG/97ixN2ZXURnRSsgys+Bc0h5lslki98od0d5Z TmL5JO/RnMA5uBtHCwOj8ZmcoOlbywsAEQEAAYkBHwQYAQgACQUCVtADjAIbDAAK CRC4FyoIDBAYlp+wB/4lgYlXZHqi+GZnrN2QAP9ahH6v7gITDFU7/UUNWrHbHAmM gNjHa+649ICXfiqVUUAwJwc/b7NZCFc2XXMlsuz78Objd766tLa3Q79e+NiculDm rRAgHLqO7BK9lJnL8JlOFMcxQSeirPUFfRtuCs6L+EB0o4SzBU/M8fVMorpBmHS4 4VJQDnLQDk1j67Aek5ZK92WrpOPy1RG4RKCEYrMC1eTZEhS8O0DBuvX7GukhRrrj wSaq1PLw8QZhjgxPZJvwyYbk82rpYqoTYYzeKjmyCLv2DGytX5erwOSScM8hqFO4 Ghaj1R2+c1zFjFRG42A7yIv8npk6gXtIeaXS6o5E
=3o/3
-----END PGP PUBLIC KEY BLOCK-----

I will follow this message with a test post I hope you can decode?

--- Mystic BBS v1.12 A5 (Windows)
* Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)

On 02/24/16, mark lewis pondered and said...

it works two ways...

1. if you post a message encrypted with your PRIVATE key, anyone with
your PUBLIC key can decrypt it... that proves it was you that encrypted

The issue I am having is using the tool I have come across to do just that.
Use my Private key to encrypt something that can be unlocked by the PUBLIC
key. It would appear gpg4win does not allow this and in a way I can
understand why as it flys in the face of what I think the PUBLIC vs PRIVATE keys are to be used for (I think)

--- Mystic BBS v1.12 A5 (Windows)
* Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)

26 Feb 16 21:33, you wrote to me:

On 02/25/16, mark lewis pondered and said...

i forget if this echo is the discussion or the key sharing echo... i
didn't even pay attention when i first responded... there's two echos
in fidonet for public key stuffs...

Yep it's the discussion echo and I have posted my public key (I hope)
to the other echo but will do so here also.

that's fine... i saw it over there ;)

[trim]

I will follow this message with a test post I hope you can decode?

one way or the other i should be able to... i doubt i can with my old pgp 2.6.2
stuff, though... i hate to lose that, though, because 1) it still works for me and 2) my keys over there are signed by others... i much prefer to try to retain my existing keys and use them with the newer stuff... i'll have to play sometime but first i have to find some time...

)\/(ark

Always Mount a Scratch Monkey

... I am Canadian so I use my snowblower year round.
---
* Origin: (1:3634/12.73)

26 Feb 16 22:34, you wrote to me:

it works two ways...

1. if you post a message encrypted with your PRIVATE key, anyone with
your PUBLIC key can decrypt it... that proves it was you that
encrypted

The issue I am having is using the tool I have come across to do just that. Use my Private key to encrypt something that can be unlocked by
the PUBLIC key. It would appear gpg4win does not allow this and in a
way I can understand why as it flys in the face of what I think the
PUBLIC vs PRIVATE keys are to be used for (I think)

the thing is that they are opposites... what is done with one can only be undone with the other...

[time passes]

i was able to export my keyrings from my pgp and import them into this gpg... i
imported your signature, too... then i tried decrypting that message but apparently this is what you were talking about above...

i went hunting gpg4win command line options to see what is available... uuugh... with pgp it was a simple task but now i can't find the details... it looks like encrypting with the public key is the only way allowed now... but as
long as it has been, i may be confusing some things... even in the old pgp documentation i have, it says that signing is done with the secret key (of course) and then encryption is done with the recipient's public key... more than one recipient can be specified, too... it has been a really long time, though...

heck, my key was generated in 1992 and has only been updated a couple of times since then... i need to update it again with a new email address as well as indicating that the old one is no longer valid... i gotta figure out how to do that all over again and then try to get it back over here into gpg... no way in
hell i'm going to try to go the other way from gpg to pgp... probably wouldn't work anyway :lol:

[time passes]

ok, got my key updated but it is really weird that pgp shows the new items at the top of the list and gpg shows them at the bottom where they're likely to be
missed... hummm...

)\/(ark

Always Mount a Scratch Monkey

... Friendly fire - ISN'T !
---
* Origin: (1:3634/12.73)

On 02/26/16, mark lewis pondered and said...

that. Use my Private key to encrypt something that can be unlocked by the PUBLIC key. It would appear gpg4win does not allow this and in a way I can understand why as it flys in the face of what I think the PUBLIC vs PRIVATE keys are to be used for (I think)

i was able to export my keyrings from my pgp and import them into this gpg... i imported your signature, too... then i tried decrypting that message but apparently this is what you were talking about above...

Yep. Using the windows UI it seems there is only one option and thats encode using others public certificates and also include my own so I can open as
well what I encode if I want.

details... it looks like encrypting with the public key is the only way allowed now... but as long as it has been, i may be confusing some things... even in the old pgp documentation i have, it says that signing is done with the secret key (of course) and then encryption is done with the recipient's public key... more than one recipient can be specified, too... it has been a really long time, though...

Yep you encrypt with their public and your private, they decode with their private key and your public one. That seems to be the way.

heck, my key was generated in 1992 and has only been updated a couple of times since then... i need to update it again with a new email address
as well as indicating that the old one is no longer valid... i gotta figure out how to do that all over again and then try to get it back
over here into gpg... no way in hell i'm going to try to go the other
way from gpg to pgp... probably wouldn't work anyway :lol:

Yep I found a couple I created some time ago and one I will likely never be able to remove and have long since lost the private key. The other (more of a test) I had the foresight to make it expire a couple of years in the future from when I created it.

ok, got my key updated but it is really weird that pgp shows the new
items at the top of the list and gpg shows them at the bottom where they're likely to be missed... hummm...

Not sure about this...

When I tried to import your PGP key into gpg4win it borked and did not like
it. I'll try it again now.

[time passes]

what I am trying to suck in won't work and it says it's a cert without a user ID.

I'll keep trying but for now I seem unable to progress setting up a public certificate entry in my software for you.

[time passes]

I found an entry for waldo kitty with a key ID of B60C20C5 but it won't
import. There are other entries for Mark Lewis but it's unclear which if any are yours.

--- Mystic BBS v1.12 A5 (Windows)
* Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)

27 Feb 16 15:26, you wrote to me:

ok, got my key updated but it is really weird that pgp shows the new
items at the top of the list and gpg shows them at the bottom where
they're likely to be missed... hummm...

Not sure about this...

When I tried to import your PGP key into gpg4win it borked and did not like it. I'll try it again now.

[time passes]

what I am trying to suck in won't work and it says it's a cert without
a user ID.

i did have to use --allow-non-selfsigned-uid when i imported my public keyring but my keys are signed by myself...

I'll keep trying but for now I seem unable to progress setting up a
public certificate entry in my software for you.

i don't know... i certainly am not going to pay someone to certify that i am who i say i am... in the same way as i won't pay for advertising my products...
i prefer word of mouth... it is more trustworthy ;)

[time passes]

I found an entry for waldo kitty with a key ID of B60C20C5 but it won't import. There are other entries for Mark Lewis but it's unclear which if any are yours.

that key id is mine... there are numerous ids associated with it... here's what
it looks like from pgp 2.6.2... notice how the wkitty42@gmail.com address is listed first followed by "domain alltel.net is dead" which is then followed by the dead wkitty42@alltel.net address... sure, i could remove those dead ids but
then folks who know me by them wouldn't be able to use them to contact me... by
doing it this way, we can send a message to use another id and why... possibly later those old ids may be removed but the preference it not to remove them... maybe i need to sign that new gmail.com id? hummm...

===== snip =====
Key ring: 'x:\pgp\pubring.pgp', looking for user ID "0xb60c20c5".
Type bits/keyID Date User ID
pub 1024/B60C20C5 1992/11/30 waldo kitty <wkitty42@gmail.com>
domain alltel.net is dead
waldo kitty <wkitty42@alltel.net>
mlewis@wpusa.dynip.com
domain *.cssnet.sanford.nc.us is dead.
Mark Lewis <mlewis@wplace.cssnet.sanford.nc.us>
waldo kitty <wkitty@wplace.cssnet.sanford.nc.us>
Mark Lewis <1:3634/12@fidonet.org>
1 matching key found.
===== snip =====


so now look at how gpg lists the ids...

===== snip =====
$ gpg --list-keys 0xb60c20c5
pub 1024R/B60C20C5 1992-11-30
uid waldo kitty <wkitty42@alltel.net>
uid mlewis@wpusa.dynip.com
uid domain *.cssnet.sanford.nc.us is dead.
uid Mark Lewis <mlewis@wplace.cssnet.sanford.nc.us>
uid waldo kitty <wkitty@wplace.cssnet.sanford.nc.us>
uid Mark Lewis <1:3634/12@fidonet.org>
uid waldo kitty <wkitty42@gmail.com>
uid domain alltel.net is dead
===== snip =====

i don't know why gpg lists those at the bottom of the stack instead of at the top... i added them with pgp on the pgp system and then exported them again... maybe i need to remove them from my gpg rings, export them from pgp again and import them again?

)\/(ark

Always Mount a Scratch Monkey

... 74. Be a good listener. Don't just take your turn to talk.
---
* Origin: (1:3634/12.73)

On 02/27/16, mark lewis pondered and said...

27 Feb 16 15:26, you wrote to me:

Mark - can you flick me a netmail please to 3:770/100 and confirm when you
get my reply. I am uncertain but wondering if the connection between us is working?

Best, Paul

--- Mystic BBS v1.12 A5 (Windows)
* Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)

28 Feb 16 11:14, you wrote to me:

27 Feb 16 15:26, you wrote to me:

Mark - can you flick me a netmail please to 3:770/100 and confirm when you get my reply. I am uncertain but wondering if the connection between us is working?

done... if you are talking about your netmail you sent to me, i did check the main machine and it was there... i just haven't responded to it... sorry...

)\/(ark

Always Mount a Scratch Monkey

... Don't give up on a good theory just because its wrong.
---
* Origin: (1:3634/12.73)

On 02/28/16, mark lewis pondered and said...

done... if you are talking about your netmail you sent to me, i did
check the main machine and it was there... i just haven't responded to it... sorry...

I should have read this reply first. Thanks, yep all good, your test message arrived and my reply has been sent - many thanks :)

--- Mystic BBS v1.12 A5 (Windows)
* Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Testing out PGP after taking a long break.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEcuwocisAPZIfHiqhO7S1uws2sj4FAl7z2YAACgkQO7S1uws2 sj4gdBAAo/QgyFpmiAH1Yg6GefogwQer4e4o620N31C4fqxj7Q9yvWtEU6DVAe2+ vxYChCCf/TUJrqGaZj+AwkiEwk4W2vWwJESzkHtV+HJxKZyMQ9Nrqxt8rEXnQzAT w42Zti6VTyXVCxoAYXW1VkNLi/Nrd/b3drn9UPzutEDSwpIZi1hHuWlJ/GzX7nsm DDEQgtxLhecjAynd20Rcmb8DaHuw5P5VYfjQDLT8aMAEOQPRoREXkxAnHasvs3Cl 7G/6Phcf5/Vx3lPjiVocGNaYAXh2k58yB63YrGKTMvJU7hkRA+7Bf8C5VqejEjeb wKML3pqmy7zj4E+tSpIVo6QCQhi4MOB4DhsQFi274TSAMRSTa2bT3XAhR5gAWnFQ vzSYLZB7uv099rv6X3hJQqFZicxIgToLKBUfl0n3qGD7dph0ojKW5PHeO7VZuwHg 9sn++tS6a2GMu4SkNdR0fuW2mKuKd2DbECUq+BtWMDCb1gc5chrZLEGwiimGd4os k+cKmIA1zfMyKbuFtCrK4e+xZG7DFQG6Hi4j5C/8PnXYnqizpGvSYPo8zWTw+GLy QwX0EYpQz6gSYi2jZGHymUOl/7qcddbbDu+YksDKkzjmOnq7JkIUMU6OA5dmpvB2 9zceYQxF5p1ras4IM6cPUhkc7YBW4R0YNtWtHWLr1w8OICehzcI=
=cXIx
-----END PGP SIGNATURE-----

--- Mystic BBS v1.12 A46 2020/06/11 (Windows/32)
* Origin: Northern Realms BBS | bbs.nrbbs.net | Binbrook, ON (1:229/664)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 25.6.2020 1.57, Jay Harris wrote:

********* *BEGIN ENCRYPTED or SIGNED PART* *********

Testing out PGP after taking a long break.

********** *END ENCRYPTED or SIGNED PART* **********

--- Mystic BBS v1.12 A46 2020/06/11 (Windows/32) * Origin: Northern
Realms BBS | bbs.nrbbs.net | Binbrook, ON (1:229/664)

Looks fine. :)





-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEQTJnraOsQBoYwCPS0ikymSpvgioFAl70QkoACgkQ0ikymSpv girC8Qf/Uyzzua8ZYeLsa/51HnSrr/1Jn4eDEsrE2a8SHhRXV6IkEwtsxFhaqGut eTxR165I9Tc/MLztgs0cieZrL2MJWgUawSPlogo6C4vNSE+k3v6DET3H7ScwIxSR /Lb/ROvlJtj9ihXyiSGzegtPPxEwKgF19h9tU4Ue4mJp4Zl+7XHzi3CXC6ogu5vX /CAWJKnjrpcWJhnMKvnfk+nJFszWKkuR9TENJ3xuROXzHs+mB7N0WD37Gar35aro kh4oJWGmRj8feAFWyXLyAnXXvyAUGAnpTKZ65HdE/Kzb687Hz/obGVZRFBHsEBPc ULshRIxgoJnh9ibzc6AJZrY8+1Nxlw==
=kf9S
-----END PGP SIGNATURE-----

--- Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360.0)

Hi Jay,

On 2020-06-24 18:57:32, you wrote to All:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Testing out PGP after taking a long break.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEcuwocisAPZIfHiqhO7S1uws2sj4FAl7z2YAACgkQO7S1uws2 sj4gdBAAo/QgyFpmiAH1Yg6GefogwQer4e4o620N31C4fqxj7Q9yvWtEU6DVAe2+ vxYChCCf/TUJrqGaZj+AwkiEwk4W2vWwJESzkHtV+HJxKZyMQ9Nrqxt8rEXnQzAT w42Zti6VTyXVCxoAYXW1VkNLi/Nrd/b3drn9UPzutEDSwpIZi1hHuWlJ/GzX7nsm DDEQgtxLhecjAynd20Rcmb8DaHuw5P5VYfjQDLT8aMAEOQPRoREXkxAnHasvs3Cl 7G/6Phcf5/Vx3lPjiVocGNaYAXh2k58yB63YrGKTMvJU7hkRA+7Bf8C5VqejEjeb wKML3pqmy7zj4E+tSpIVo6QCQhi4MOB4DhsQFi274TSAMRSTa2bT3XAhR5gAWnFQ vzSYLZB7uv099rv6X3hJQqFZicxIgToLKBUfl0n3qGD7dph0ojKW5PHeO7VZuwHg 9sn++tS6a2GMu4SkNdR0fuW2mKuKd2DbECUq+BtWMDCb1gc5chrZLEGwiimGd4os k+cKmIA1zfMyKbuFtCrK4e+xZG7DFQG6Hi4j5C/8PnXYnqizpGvSYPo8zWTw+GLy QwX0EYpQz6gSYi2jZGHymUOl/7qcddbbDu+YksDKkzjmOnq7JkIUMU6OA5dmpvB2 9zceYQxF5p1ras4IM6cPUhkc7YBW4R0YNtWtHWLr1w8OICehzcI=
=cXIx
-----END PGP SIGNATURE-----

# gpg --verify jay.msg
gpg: Signature made Thu 25 Jun 2020 12:53:52 AM CEST using RSA key ID 0B36B23E gpg: Good signature from "Jay Harris <jay@harris.cx>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 72EC 2872 2B00 3D92 1F1E 2AA1 3BB4 B5BB 0B36 B23E


Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

On 25 Jun 2020, Wilfred van Velzen said the following...

# gpg --verify jay.msg
gpg: Signature made Thu 25 Jun 2020 12:53:52 AM CEST using RSA key ID 0B36B23E gpg: Good signature from "Jay Harris <jay@harris.cx>" [unknown] gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 72EC 2872 2B00 3D92 1F1E 2AA1 3BB4 B5BB 0B36 B23E

Thank you sir!

Jay

--- Mystic BBS v1.12 A46 2020/06/11 (Windows/32)
* Origin: Northern Realms BBS | bbs.nrbbs.net | Binbrook, ON (1:229/664)

Hello Jay!

24 Jun 20 18:57, you wrote to all:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Testing out PGP after taking a long break.
-----BEGIN PGP SIGNATURE-----

gpg --decrypt < test.asc
Testing out PGP after taking a long break.
gpg: Signature made Wed 24 Jun 23:53:52 2020 IST
gpg: using RSA key 72EC28722B003D921F1E2AA13BB4B5BB0B36B23E
gpg: Good signature from "Jay Harris <jay@harris.cx>" [unknown]
gpg: WARNING: Using untrusted key!

Sean


--- GoldED+/LNX 1.1.5-b20180707
* Origin: A Destination in the Sun (2:263/1)