Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] .chan DNSSEC keys for 2017

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] .chan DNSSEC keys for 2017


Chronological Thread 
  • From: Niles Rogoff <nilesrogoff AT gmail.com>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] .chan DNSSEC keys for 2017
  • Date: Sat, 10 Dec 2016 13:27:47 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I'm pretty sure if you use gpg --clearsign, it automatically strips some whitespace for you before signing.
-----BEGIN PGP SIGNATURE-----

iQFFBAEBCAAvFiEEx9YcX+LvENZTiyRXt4uQjyNDD4AFAlhMSPkRHG5pbGVzQHJv
Z29mZi54eXoACgkQt4uQjyNDD4CwXgf/b+BJ31jzB/O2Lj3ePV/GP+KC+6BYQZvh
1pmbscdMzFqY/BRoN7N6Zde4lp0v7fx8KEvlzdDaiCbXFbuEwbV4h/JUGlW1sm4P
bIw2iLmKuhIB7dfoTkYfauvdylGqp2TOmqMo5IVZcfJTi0Y4spyoiUYEQiix7oCZ
OchyIUNazE7MMRMX2Z1i/Ku531aQK7YcBZ8jlc+D9R4K00c8eM79BKe5il6E2Wdl
qmTMEEoee2kBFn9XDSqD+i5ROweOXpm+bajqVhwQEyEtvt7jgV/zrrADVdqnFt+d
TH80AbArNzYD5OOQWb7e4Xcv1V40NaVEB9YXuKaIRIMy8fk5y/lFdg==
=v+2M
-----END PGP SIGNATURE-----

2016-12-10 13:27 GMT-05:00 Verax <verax AT 8chan.co>:
Yeah, PGP/MIME is mostly the same, but I think you have to mangle around
the separators to get it to validate.  Also, whitespace may bite you,
that's always a pain.

--Verax

simple AT sdf.org wrote:
> Probably my insistence on interacting with the online world as if it were
> still the 1990s is partly to blame; I still mostly use a CLI environment:
>
>   % > gpg --search-keys verax AT 8chan.co
>   gpg: searching for "verax AT 8chan.co" from hkp server keys.gnupg.net
>   (1)     Verax <verax AT 8chan.co>
>             3072 bit DSA key 0D12CB17, created: 2015-03-19
>   Keys 1-1 of 1 for "verax AT 8chan.co".  Enter number(s), N)ext, or Q)uit > 1
>   gpg: requesting key 0D12CB17 from hkp server keys.gnupg.net
>   gpg: key 0D12CB17: public key "Verax <verax AT 8chan.co>" imported
>   gpg: Total number processed: 1
>   gpg:               imported: 1
>
>   % mailx
>   ..
>   & |gpg
>   Pipe to: "gpg"
>   ..
>   gpg: Signature made Fri Dec  9 22:54:28 2016 PST using DSA key ID 0D12CB17
>   gpg: Good signature from "Verax <verax AT 8chan.co>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the owner.
>   Primary key fingerprint: 87C2 37C6 B247 C3C2 25DC  A733 8FCD 9863 0D12 CB17
>   "gpg" 72/3182
>
> The previous message (with the PGP/MIME sig) had signature.asc attached
> but perhaps the format is different.  Also I don't think gpg (not gpg2)
> has a PGP/MIME option; didn't see it mentioned in the manpage.
>
> --Jeff
>
> Verax <verax AT 8chan.co> wrote:
>> Urk.  Enigmail verifies it on my end.  How did you download it?
>>
>> This is definitely my fault for using PGP/MIME.  I've attached a
>> clearsigned copy for you.
>>
>> --Verax
>>
>> simple AT sdf.org wrote:
>>> Verax <verax AT 8chan.co> wrote:
>>>
>>>> Greetings and merry Christmas to the OpenNIC community.
>>>>
>>>> 2016 has come to an expiration, and so have our keys. The 2017 KSK and
>>>> 2017 January ZSK will be added to the zone on 2016-12-15, and become
>>>> active on 2017-01-01.
>>>>
>>>> I'm including them here (signed with my PGP key) to verify them for
>>>> anyone who cares about that sort of thing.
>>>> ..
>>>
>>> % gpg --verify /var/tmp/signature.asc /var/tmp/verax.txt
>>> gpg: Signature made Fri Dec  9 19:55:57 2016 PST using DSA key ID 0D12CB17
>>> gpg: BAD signature from "Verax <verax AT 8chan.co>"
>>>      ^^^
>>>
>>>
>>>
>>>
>>> --------
>>> You are a member of the OpenNIC Discuss list.
>>> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org





Archive powered by MHonArc 2.6.19.

Top of Page