Oh good, I quess I will not buy, because I do not have A DVD. Thanks for the info. Roger Gardner -----Ursprüngliche Nachricht----- Von: Thorsten Kukuk [mailto:kukuk@suse.de] Gesendet: Donnerstag, 13. März 2003 10:15 An: Schulz Georges Betreff: Re: [SLE] 8.2 Announced On Thu, Mar 13, Schulz Georges wrote:
Then why is there only 5 CD's?
Because the sources are only on the second DVD. -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Deutschherrnstr. 15-19 D-90429 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
On Thursday 13 March 2003 12:54, Marshall Heartley wrote:
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD??? What good is that going to do me??? Especially if I need to recompile something. I guess it is to cut down on cost but without the sources, you are no better than MS and like I stated before, others like me do not have broadband to download the sources. So what do users without a DVD and broadband do? I guess you are telling us like MS that we need to change our hardware!!!! What next activation??
heh You don't think you're - I don't know - overreacting, or something? Without a cdrom you can't install it either, only old slackware distros are shipped on floppies. Evil conspiracy? With a 486 you can't install it, since all packages are compiled for i586. Evil conspiracy? Come join the 21st century. It's fun here
Oh good, I quess I will not buy, because I do not have A DVD. Thanks for the info.
Looks like I will not either!
On Thu, Mar 13, Schulz Georges wrote:
Then why is there only 5 CD's?
Because the sources are only on the second DVD.
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD??? What good is that going to do me??? Especially if I need to recompile something. I guess it is to cut down on cost but without the sources, you are no better than MS and like I stated before, others like me do not have broadband to download the sources. So what do users without a DVD and broadband do? I guess you are telling us like MS that we need to change our hardware!!!! What next activation??
-- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Deutschherrnstr. 15-19 D-90429 Nuernberg --------------------------------------------------------------------
-- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
Marshall Heartley wrote:
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD???
http://search.ebay.com/search/search.dll?query=dvd+drive *sheesh*
heh
Intelligent first start
You don't think you're - I don't know - overreacting, or something?
Hmmm.... NO I guess that you have a DVD drive or broadband.
Without a cdrom you can't install it either, only old slackware distros are shipped on floppies. Evil conspiracy?
No evil conspiracy. Look at the situation. People on this list reported issues with DVD's. Some with success some have horror sotries. All that I was stating was why do I need to change hardware to get everything that I need???? I still think that it is a lack of judgement.
With a 486 you can't install it, since all packages are compiled for i586. Evil conspiracy?
I'm aware of that! I only have a 486 laptop here. I know that they changed the way SuSE was compiled for performance reasons. If I needed to install something on a 486, I still own copies of Linux that will install on a 486.
Come join the 21st century. It's fun here
You must not be. If you are talking about my hardware, I right now don't have the funds and even so, I want the code for the DVD's to mature. I do not want to buy a DVD and then find out that it will not work! Now if you are taking a pop-shot at my ideals, then all I have to say is that that is VERY immature! Why don't you look at others point of views BEFORE shooting off your ideas! Obviously, you don't. That is sad. According to the way you think, I guess now SuSE being like MS is OK. -- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
On Thursday 13 March 2003 13:15, Marshall Heartley wrote:
heh
Intelligent first start
I believe "heh" is common vernacular to illustrate a brief, derisive chuckle
You don't think you're - I don't know - overreacting, or something?
Hmmm.... NO I guess that you have a DVD drive or broadband.
Indeed
Without a cdrom you can't install it either, only old slackware distros are shipped on floppies. Evil conspiracy?
No evil conspiracy. Look at the situation. People on this list reported issues with DVD's. Some with success some have horror sotries. All that I was stating was why do I need to change hardware to get everything that I need????
I think you're sort of missing the point here. Noone is forcing you to buy it. You can get all the sources (yes, *all* the sources) completely gratis either from the internet by downloading yourself, or by getting a friend to download it and give it to you. Now you tell me, why should I have to suffer with old technology simply because you and a handful of others won't get a dvd drive? You have chosen to remain with older technology, that's fair enough, that's your choice.
I still think that it is a lack of judgement.
With a 486 you can't install it, since all packages are compiled for i586. Evil conspiracy?
I'm aware of that! I only have a 486 laptop here. I know that they changed the way SuSE was compiled for performance reasons. If I needed to install something on a 486, I still own copies of Linux that will install on a 486.
And you still have copies of linux that has everything on cdrom. Any significant upgrades maybe gotten from the internet at your leisure.
Come join the 21st century. It's fun here
You must not be. If you are talking about my hardware, I right now don't have the funds and even so,
If you don't have the funds to get a dvd drive then you don't have the funds to upgrade to every version of suse that gets published. And guess what: *you don't have to*
I want the code for the DVD's to mature. I do not want to buy a DVD and then find out that it will not work! Now if you are taking a pop-shot at my ideals,
I don't know what a pop-shot is, and if your ideals consist of having linux distros cater to the lowest common denominator, then get one that does just that. Any changes SuSE has made are/will be freely available. How very MS, right?
then all I have to say is that that is VERY immature!
Hm, let me see. You say that SuSE are like MS just because they won't serve everything to you on 8-track magnetic tape for your PDP-11 and *I'm* immature?
Why don't you look at others point of views BEFORE shooting off your ideas! Obviously, you don't. That is sad. According to the way you think, I guess now SuSE being like MS is OK.
And you were how old again?
"Nothing is impossible,
Except, apparently, getting a dvd drive
Dear Friends, I have been reading the talks between pro SuSE's and ones that have been tallying SuSE with MS. 1) Windows costs almost 2-3 times the price of SuSE Pro. 2) Almost 75-80% of the included software is free and included is it's source code too. 3) If something does go flat on a SuSE system, there are optional ways to correct it and help from this world of Linux Geniuses. 4) You have the option of making things work in contemporary and nostalgic ways on SuSE. 5) I have SuSE 7.3 - 8.0 and 8.1 and have been saving for 8.2 since its announcement. But in Windows I have stuck to Win98SE due to its erratic behaviour as it hangs up almost every three or so hours, I would not go for any more windows upgrades(2000, Millenium, XP,) as I have been hearing of various reasons that prove its instability, there aren't much strong security features unless you used NT and I doubt that too has any standards one can approve of! 6) And DVD drives can be upgraded and bought incase things do not work right, but would I sacrifice all the above quality of SuSE or any Linux system for that matter just because my DVD drive messes up and the others have working hardware that does not? Lets be reasonable my friends. Sincerely, ABHIJIT NAIK On Thu, 13 Mar 2003, Bryan Tyson wrote:
On Thursday 13 March 2003 07:15, Marshall Heartley wrote:
I guess now SuSE being like MS is OK.
That is a silly remark. How much source did you receive with your last Windows release?
*************************************************** Powered by SuSE Linux 8.0 Professional KDE 3.0.0 KMail 1.4 This is a Microsoft-free computer
Bryan S. Tyson bryantyson@earthlink.net ***************************************************
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
On Thursday 13 March 2003 07:15, Marshall Heartley wrote:
I guess now SuSE being like MS is OK.
That is a silly remark. How much source did you receive with your last Windows release? *************************************************** Powered by SuSE Linux 8.0 Professional KDE 3.0.0 KMail 1.4 This is a Microsoft-free computer Bryan S. Tyson bryantyson@earthlink.net ***************************************************
<snip>
http://search.ebay.com/search/search.dll?query=dvd+drive
*sheesh*
Thanks for the info but you miss the point entirely. I was stating why do you have to get new hardware in order to get the sources that you need? -- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
You don't. And that is the point. The sources are all available online, just as before. SuSE just moves with the times. Most computers today that will install SuSE Professional 8.2 will be equipped with a DVD drive. It really is as simple as that. On Thu, 2003-03-13 at 14:07, Marshall Heartley wrote:
<snip>
http://search.ebay.com/search/search.dll?query=dvd+drive
*sheesh*
Thanks for the info but you miss the point entirely. I was stating why do you have to get new hardware in order to get the sources that you need?
-- Marshall
"Nothing is impossible, We just do not have all the anwsers to make the impossible, possible." -- Anders Karlsson
Trudheim Technology Ltd
I believe "heh" is common vernacular to illustrate a brief, derisive chuckle I musunderstood the context of which it was intended. I apologize.
Without a cdrom you can't install it either, only old slackware distros are shipped on floppies. Evil conspiracy?
No evil conspiracy. Look at the situation. People on this list reported issues with DVD's. Some with success some have horror sotries. All that I was stating was why do I need to change hardware to get everything that I need????
I think you're sort of missing the point here. Noone is forcing you to buy it. You can get all the sources (yes, *all* the sources) completely gratis either from the internet by downloading yourself, or by getting a friend to download it and give it to you.
True that no one is twisting my arm to purchase it. But on your point of having a freind download it for me, Why? When you buy the distro you should have the sources there that you can use. I guess that a DVD drive is still accessable but as I do not have a DVD drive, they become inaccessable.
Now you tell me, why should I have to suffer with old technology simply because you and a handful of others won't get a dvd drive?
How said that you have to suffer? I did not state that. But the ones of us who do not have a DVD drive it seems have been made to suffer by this.
You have chosen to remain with older technology, that's fair enough, that's your choice.
Fair enough
I still think that it is a lack of judgement.
With a 486 you can't install it, since all packages are compiled for i586. Evil conspiracy?
I'm aware of that! I only have a 486 laptop here. I know that they changed the way SuSE was compiled for performance reasons. If I needed to install something on a 486, I still own copies of Linux that will install on a 486.
And you still have copies of linux that has everything on cdrom. Any significant upgrades maybe gotten from the internet at your leisure.
Yeah with several hours worth of downloads.
Come join the 21st century. It's fun here
You must not be. If you are talking about my hardware, I right now don't have the funds and even so,
If you don't have the funds to get a dvd drive then you don't have the funds to upgrade to every version of suse that gets published.
And guess what: *you don't have to*
Fair enough. I usually try for the upgrade. I usually can get that and it usually is cheaper than a DVD. Now from what I hear from you is that not only will I (if I decide to purchase) have to get the distro but I have to get hardware too?
I want the code for the DVD's to mature. I do not want to buy a DVD and then find out that it will not work! Now if you are taking a pop-shot at my ideals,
I don't know what a pop-shot is, and if your ideals consist of having linux distros cater to the lowest common denominator, then get one that does just that. Any changes SuSE has made are/will be freely available. How very MS, right?
You sort of missed the point here. My arguement was that in order to do everything that I was able to in Linux (recompiling programs) cannot be done by us who either cannot get a DVD because of funds or don't want to. Especially when you pay extra for not only the tools but the sources as well.
then all I have to say is that that is VERY immature!
Hm, let me see. You say that SuSE are like MS just because they won't serve everything to you on 8-track magnetic tape for your PDP-11 and *I'm* immature?
Well call it like you see it. I had to change hardware in a machine in the house for XP and from your standpoint, I have to change hardware again for SuSE.
Why don't you look at others point of views BEFORE shooting off your ideas! Obviously, you don't. That is sad. According to the way you think, I guess now SuSE being like MS is OK.
And you were how old again?
Old enough to see others point of view which you obviously will not see but that is your choice.
"Nothing is impossible,
Except, apparently, getting a dvd drive
Here is a example of a pop-shot FYI -- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
On Thu, 2003-03-13 at 08:37, Bryan Tyson wrote:
On Thursday 13 March 2003 07:15, Marshall Heartley wrote:
I guess now SuSE being like MS is OK.
That is a silly remark. How much source did you receive with your last Windows release? As far as source is concerned, there was none. But my point is that I now have to do a MS thing by buying new hardware in order to do what I was able to do before. That is what I was comparing SuSE to.
-- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
On Thu, 2003-03-13 at 09:20, Anders Karlsson wrote:
You don't. And that is the point. The sources are all available online, just as before. SuSE just moves with the times. Most computers today that will install SuSE Professional 8.2 will be equipped with a DVD drive. It really is as simple as that.
Maybe so but what about those who want to use their existing machines and have no knowledge to install DVD drives? Yes there are people out there like that. I know that the sources are on the net. But by that logic, you might as well get the personal edition and download what you need off the site. I paid for the pro version to try and avoid doing just that. Because dialup is painfully slow. -- Marshall "Nothing is impossible, We just do not have all the anwsers to make the impossible, possible."
On Thursday 13 March 2003 15:33, Marshall Heartley wrote:
You sort of missed the point here. My arguement was that in order to do everything that I was able to in Linux (recompiling programs) cannot be done by us who either cannot get a DVD because of funds or don't want to. Especially when you pay extra for not only the tools but the sources as well.
I don't think you see what it is that makes Microsoft Microsoft. The key concept is *lock-in*. There are no win32 alternatives to Microsoft, so when they say "you have to have this hardware to run windows", you can either get the hardware or refrain from upgrading. In the case of MS those are your only options, since there is no competition. With SuSE and with linux, there is no lock-in. If SuSE or Red Hat does something you don't like, such as move to a DVD based distro, you can switch to a different distro more suited to your hardware. There are plenty of options available to you. It's called choice. When a linux distro starts using lock-ins (however that would work), *then* you can start screaming Microsoft. Until then, the argument simply doesn't apply.
then all I have to say is that that is VERY immature!
Hm, let me see. You say that SuSE are like MS just because they won't serve everything to you on 8-track magnetic tape for your PDP-11 and *I'm* immature?
Well call it like you see it. I had to change hardware in a machine in the house for XP and from your standpoint, I have to change hardware again for SuSE.
And you had to get an nVidia card if you wanted to play unreal tournament 2003. These things happen. If you don't upgrade your hardware you won't be able to use all the new things technology has to offer. This shouldn't be a surprise. Incidentally, the thing about XP that makes it evil isn't that it required new hardware. It's that they were/are trying to force people to upgrade, using things like License 6.0 and end-of-life of older versions. That, combined with lack of choice and competition, makes for evil, not increased hardware demands.
On Thursday 13 March 2003 8:54 am, Marshall Heartley wrote:
On Thu, 2003-03-13 at 09:20, Anders Karlsson wrote:
You don't. And that is the point. The sources are all available online, just as before. SuSE just moves with the times. Most computers today that will install SuSE Professional 8.2 will be equipped with a DVD drive. It really is as simple as that.
Maybe so but what about those who want to use their existing machines and have no knowledge to install DVD drives? Yes there are people out there like that. I know that the sources are on the net. But by that logic, you might as well get the personal edition and download what you need off the site. I paid for the pro version to try and avoid doing just that. Because dialup is painfully slow.
I've been trying to avoid this thread, but can't resist anymore.... I Boldly Assert (tm) that the subset of users who want / need access to the sources has a large overlap with the subset of users who are able to install DVD drives on their systems. Computer newbies who can't figure out or choose not to figure out how to install a DVD drive are, IMHO, unlikely to have a desire to access the sources. And, as has been pointed out by many, the sources still *are* available, albeit on a different medium, and are available on-line. Now, can we please let this thread die as it should??? Thanks -Nick
On Thu, 2003-03-13 at 14:54, Marshall Heartley wrote:
Maybe so but what about those who want to use their existing machines and have no knowledge to install DVD drives? Yes there are people out
Uhm, you know what an IDE CD-ROM looks like at the back? Guess what, the DVD-ROM looks exactly like it. And even better, the DVD-ROM is backwards compatible so it will read all your old CD's you got lying around as well. Surely, the people that have a PC with an old CD-ROM knows someone that can help them update that CD-ROM to a DVD-ROM.
there like that. I know that the sources are on the net. But by that logic, you might as well get the personal edition and download what you need off the site. I paid for the pro version to try and avoid doing just that. Because dialup is painfully slow.
So get a DVD-ROM for your PC and your troubles are all over. And even
better, you will then have futureproofed your "ol' faithful" for another
handful of years.
Really, you have a non-problem here. If you can afford the SuSE update,
you can afford a DVD-ROM. Once you have the DVD-ROM, you can access all
those sources you were going to recompile. However, if your PC is that
old that it does not have a DVD-ROM or can not cope with one, it must be
painful to rebuild all those sources as it must be absolutely dog-slow.
Rgds,
--
Anders Karlsson
Good day Marshall, I will probably draw a lot of fire for this... I regret posting the link to SuSEs news, and thus putting petrol on the "What? No source on CDs?" fire. Can we please get on with what the list is actually meant for? Unless the person that directly posted here on the list that the sources will be on DVD only - unless (s)he is a SuSE employee, _none_ of us in here actually _knows_ how the software will be distributed in 8.2. How about trying this: Wait with the ranting untill you _know_ how the software on the CDs/DVDs will be distributed. And then, if you don't like it, don't rant about it in here where you have no guarantee that SuSE will see your rant. In stead go and use the _public official_ feedback page on SuSE's homepage. Best regards :o) Johnny :o) Torsdag den 13. marts 2003 15:44 kvad Marshall Heartley:
On Thu, 2003-03-13 at 08:37, Bryan Tyson wrote:
On Thursday 13 March 2003 07:15, Marshall Heartley wrote:
I guess now SuSE being like MS is OK.
That is a silly remark. How much source did you receive with your last Windows release?
As far as source is concerned, there was none. But my point is that I now have to do a MS thing by buying new hardware in order to do what I was able to do before. That is what I was comparing SuSE to.
The 03.03.13 at 13:26, Anders Johansson wrote:
I think you're sort of missing the point here. Noone is forcing you to buy it. You can get all the sources (yes, *all* the sources) completely gratis either from the internet by downloading yourself,
You may... but, for example, not me, I pay by the minute of inet conection. Others pay per megabyte, I heard. Not gratis, certainly. Worse, some people do not even have any internet nearby.
Now you tell me, why should I have to suffer with old technology simply because you and a handful of others won't get a dvd drive?
Why should you suffer? Why not have a choice? I use the dvd, but I like to have the cds as well. And, getting a dvd reader can be too expensive or impossible for some people. A cd only version could be sold by Suse as well. -- Cheers, Carlos Robinson
On Thursday 13 March 2003 05:53 am, Anders Johansson wrote:
On Thursday 13 March 2003 12:54, Marshall Heartley wrote:
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD??? What good is that going to do me??? Especially if I need to recompile something. I guess it is to cut down on cost but without the sources, you are no better than MS and like I stated before, others like me do not have broadband to download the sources. So what do users without a DVD and broadband do? I guess you are telling us like MS that we need to change our hardware!!!! What next activation??
heh
You don't think you're - I don't know - overreacting, or something?
Without a cdrom you can't install it either, only old slackware distros are shipped on floppies. Evil conspiracy?
With a 486 you can't install it, since all packages are compiled for i586. Evil conspiracy?
Come join the 21st century. It's fun here
Name a company that sells computer 'systems' that *doesn't* put at *least* a cdrom in though. That's what he's saying. *Everyone and their grandma has a cdrom, but only a few have or can afford a dvd drive. I have a base of approximately 60 customers, just your everyday average Joe, and I can only recall seeing maybe 4 or 5 of those systems with a dvd in it. Hell man...*I* don't have a dvd in *my* system. You do understand *why* most don't have one, don't you? Most people watch dvd's on a tv system. Most apps, don't come on 'dvd's', and most people just can't afford one at the moment or see any need to 'have' one. So instead of bitching, how about telling us you'll buy each of us that does *not* own a dvd, a new one to put in our system, so that we can have access to *everything* we have access to now up 8.1. John
On Thursday 13 March 2003 06:03 am, sjb wrote:
Marshall Heartley wrote:
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD???
http://search.ebay.com/search/search.dll?query=dvd+drive
*sheesh*
Too bad my income doesn't amount to enough for me to *GET* a dvd drive at the moment, not for quite a while. Fixed incomes seem to do that, or are you one of those high and mighty people with lots of money who looks down on us 'poor' folk? *sheesh*! John
On Thursday 13 March 2003 06:26 am, Anders Johansson wrote: <snip>
If you don't have the funds to get a dvd drive then you don't have the funds to upgrade to every version of suse that gets published.
And guess what: *you don't have to*
How in the world can you even justify yourself saying that? How do you know that he, or *anyone* on this list buys 'every version' that comes out!? You are acting like a snot nosed rich kid brat! I'm a poor SOB, I don't get every version that comes out. I don't have and can't afford a dvd drive. Does this make me a 20th century screw up too? You do also understand that most people still only have dial-up, don't you? Or are you so lost in your "21st century" to know about the "real world"...not just your 21st century? John
Too bad my income doesn't amount to enough for me to *GET* a dvd drive at the moment, not for quite a while. Fixed incomes seem to do that, or are you one of those high and mighty people with lots of money who looks down on us 'poor' folk? *sheesh*!
Having just upgaded a couple of customers machines with CD/RW/DVD drives which cost me UK£50 and TAKEN OUT UK£30 of DVD my only comment would be. If people can't afford a DVD drive, then they can't afford the upgrade to 8.2 anyway, unless they are downloading it free, in which case - what is the problem? Perhaps when we are allowed access to broadband connections, then the need for any distribution disks will be removed - and how would SUSE make any money then! With hardware costs at a level where making any profit is difficult, and the software can be free, this whole discussion is a joke. -- Lester Caine ----------------------------- L.S.Caine Electronic Services
On Thursday 13 March 2003 16:57, John wrote:
How in the world can you even justify yourself saying that? How do you know that he, or *anyone* on this list buys 'every version' that comes out!? You are acting like a snot nosed rich kid brat! I'm a poor SOB, I don't get every version that comes out. I don't have and can't afford a dvd drive. Does this make me a 20th century screw up too? You do also understand that most people still only have dial-up, don't you? Or are you so lost in your "21st century" to know about the "real world"...not just your 21st century?
The person I was responding to was saying, basically, that since he couldn't afford - or didn't want to buy - a DVD player, nobody else should be allowed to enjoy the benefits. I was suggesting further that if one distro doesn't suit your needs, there are plenty others to choose from since there is no lock-in, and that one distro's moving towards DVDs doesn't make them Microsoft. Please spare me your blue collar antics. I've been unemployed for a long time now and am almost certainly poorer than you (nyah!), yet I can afford a DVD. It's only about $30 - $40 for a used one
I will add that a oem dvd drive for a computer runs from as low as $39 up to about $60 from our parts source here at work. Then most resllers would tack on around $10 or so on that I guess. Cd-rom are around $19 an up so I say that dvd drivers are affordible for the most part. I'm not putting in any cd-rom when i build a new system to put out on a desk here at work or build one for an employee to buy an take home. Now granted you can get a dvd player for home use on tv for around $100 an up thats not too bad. I do not watch dvd's on my computer but i could if i choose to. I can do that if i need to for kids an stuff so i say its an added value to put one in a computer if your ordering a clone to be built to spec an its not that much more costly then a cd-rom drive. just my 2 cents. jack At 04:07 PM 3/13/2003 +0000, sjb wrote:
John wrote:
You do also understand that most people still only have dial-up, don't you?
I understand you can still pick up DOS 5 diskettes at many computer fairs. Assuming you have some kind of transport to get there. (A bicycle will do if that's all you have)
sjb
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
If you find one for cheap, get one :). Can use it for more just SuSE Not sure how much they are in other countries other than the states though. Matt On Thu, 2003-03-13 at 01:33, Schulz Georges wrote:
Oh good, I quess I will not buy, because I do not have A DVD. Thanks for the info.
Roger Gardner
-----Ursprüngliche Nachricht----- Von: Thorsten Kukuk [mailto:kukuk@suse.de] Gesendet: Donnerstag, 13. März 2003 10:15 An: Schulz Georges Betreff: Re: [SLE] 8.2 Announced
On Thu, Mar 13, Schulz Georges wrote:
Then why is there only 5 CD's?
Because the sources are only on the second DVD.
-- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Deutschherrnstr. 15-19 D-90429 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
On Thursday 13 March 2003 09:44 am, Marshall Heartley wrote:
On Thu, 2003-03-13 at 08:37, Bryan Tyson wrote:
On Thursday 13 March 2003 07:15, Marshall Heartley wrote:
I guess now SuSE being like MS is OK.
That is a silly remark. How much source did you receive with your last Windows release?
As far as source is concerned, there was none. But my point is that I now have to do a MS thing by buying new hardware in order to do what I was able to do before. That is what I was comparing SuSE to.
-- Marshall
Marshall, I want to step in here for just a second please and interrupt this whole thread. Let me ask each of you complaining a question. When was the last time you used all 7 cds to install your SuSE? I barely used 5 when installing 8.0 and hardly 3 when installing 8.1, so what will we be missing on 2 cds we don't use? I can say, if SuSE decided to be rid of a few programs on the cds that just take up space and 9.5 people wouldn't use, then why not cut the number down to 5 cds? I suspect with the number of programs, etc SuSE presently supplies, something like 5300 I believe, some of those could be dropped and if we wanted them later, they are always available online. Whining about not having a dvd is pointless and serves no purpose as they are indeed cheap and very available now. If finances still don't allow the purchase, then you still have 5 cds full of wonderful Linux stuff. Wonder how many programs one can cram on a about 3.3gb these days? ;o) Point is, SuSE is moving forward with their Linux, they have too and should! If a few of us can't keep up all the time, then we have other choices, even with SuSE for our Linux. You almost sound like some of the old Amiga users that cried foul each time the rest of the world moved forward, but didn't continue to supply stuff for them too, as they fell further behind in updated programs. As Anders pointed out, things move forward, no way to stop that, a fact of life we live with now. What we have to decide to do is either try to catch up with it and live with it or cut ourselves off and stay with what suits us and our budgets, even though that requires us to use older stuff. Patrick -- --- KMail v1.5 --- SuSE Linux Pro v8.1 --- Registered Linux User #225206 On any other day, that might seem strange...
On Thu, 13 Mar 2003 06:54:00 -0500, Marshall Heartley wrote:
On Thu, Mar 13, Schulz Georges wrote:
Then why is there only 5 CD's?
Because the sources are only on the second DVD.
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD??? What good is that going to do me??? Especially if I need to recompile something.
You could always get the source off the Internet. SuSE maintains an FTP site I've found helpful on numerous occasions. So let's just stop this rant here. -- David Benfell, LCP benfell@parts-unknown.org --- Resume available at http://www.parts-unknown.org/resume.html
* John
On Thursday 13 March 2003 06:26 am, Anders Johansson wrote:
<snip>
If you don't have the funds to get a dvd drive then you don't have the funds to upgrade to every version of suse that gets published.
And guess what: *you don't have to*
How in the world can you even justify yourself saying that? How do you know that he, or *anyone* on this list buys 'every version' that comes out!? You are acting like a snot nosed rich kid brat! I'm a poor SOB, I don't get every version that comes out. I don't have and can't afford a dvd drive. Does this make me a 20th century screw up too? You do also understand that most people still only have dial-up, don't you? Or are you so lost in your "21st century" to know about the "real world"...not just your 21st century?
And so he makes an astute observation, although rather crass, and you must cast aspersions upon his ancestory? If you see him as a low individual, you most certainly by your words must look *up* to him. Please have a good day -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
On Thursday 13 March 2003 10:07 am, sjb wrote:
John wrote:
You do also understand that most people still only have dial-up, don't you?
I understand you can still pick up DOS 5 diskettes at many computer fairs. Assuming you have some kind of transport to get there. (A bicycle will do if that's all you have)
sjb
Naw! Really? I understand that tureds that don't flush need a little help with a plunger...are ya ready? John
The 03.03.13 at 12:10, PL O'Smith wrote:
I can say, if SuSE decided to be rid of a few programs on the cds that just take up space and 9.5 people wouldn't use, then why not cut the number down to 5 cds? I suspect with the number of programs, etc SuSE presently supplies, something like 5300 I believe, some of those could be dropped and if we wanted them later, they are always available online.
Actually, I miss quite a few programs that were included with SuSE 7.1 or 7.3, but not in 8.1. There should be more CDs, not less.
Point is, SuSE is moving forward with their Linux, they have too and should! If a few of us can't keep up all the time, then we have other choices, even with SuSE for our Linux. You almost sound like some of the old Amiga users that cried foul each time the rest of the world moved forward, but didn't continue to supply stuff for them too, as they fell further behind in updated programs.
Well... one of the good points about linux is that it supported and made use of old hardware. Just because somebody invents something, should I _have_ to buy it? This is like "improving" software so you need to buy new hardware again, every two years... I like choices. (I do have a dvd drive) -- Cheers, Carlos Robinson
The 03.03.13 at 15:06, Anders Karlsson wrote:
Uhm, you know what an IDE CD-ROM looks like at the back? Guess what, the DVD-ROM looks exactly like it. And even better, the DVD-ROM is backwards compatible so it will read all your old CD's you got lying around as well.
Mine doesn't... not in Linux, nor in windows. -- Cheers, Carlos Robinson
Ok enough... Want to do name calling and be abusive please take it usenet or something...Or even better take it to personal mails. Matt On Thu, 2003-03-13 at 13:53, John wrote:
On Thursday 13 March 2003 09:55 am, sjb wrote:
John wrote:
are you one of those high and mighty people with lots of money who looks down on us 'poor' folk?
Yes.
sjb
Then you're either a lawyer or a turd that won't flush...or is that redundant?
John
* John (yonaton@tds.net) [030313 14:01]: ->On Thursday 13 March 2003 10:07 am, sjb wrote: ->> John wrote: ->> > You do also understand that most people still only have dial-up, don't ->> > you? ->> ->> I understand you can still pick up DOS 5 diskettes at many computer ->> fairs. Assuming you have some kind of transport to get there. (A bicycle ->> will do if that's all you have) ->> ->> sjb -> -> Naw! Really? I understand that tureds that don't flush need a little help ->with a plunger...are ya ready? This is quite enough. We don't need to resort to this silly behavior. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I'll tell you what you should see.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sheesh, it's getting ugly in here! Curtis Rey On Thursday 13 March 2003 16:27 pm, Matt wrote:
Ok enough...
Want to do name calling and be abusive please take it usenet or something...Or even better take it to personal mails.
Matt
On Thu, 2003-03-13 at 13:53, John wrote:
On Thursday 13 March 2003 09:55 am, sjb wrote:
John wrote:
are you one of those high and mighty people with lots of money who looks down on us 'poor' folk?
Yes.
sjb
Then you're either a lawyer or a turd that won't flush...or is that redundant?
John
- -- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.7 (GNU/Linux) mQGiBD5TsKcRBACXc11nz+pdunhZ1XBCoFB8SO06Hnvm+e3zJRG3XNkpatvQpKzc 67FmMDDtI+menX9BBLEZ05U7SYkHNfKER96nPXmoO4jL0KFZxYmhizXnVvZYSXpU cXNQa1ABWq6WgHOyeYLREjarZSgtWBluJ0tEB13ptneRjCjacvxrzKCGXwCg7wvt Wae/N25itO1t5hQ0+w/pXl0EAJJIGuTSEHrG2GxSx73Q2Ib6cDYhYMWYyAaG52iE wPZDJ7HO9aPfgPayetwXRjMnrnIQAZSMd/SVmEYRox8Z1X+oACm6KWLumq70UsMP 5K1Zlqe5HSIcfbsyhMvV5xWMRItqEYuuGaC9iqysycvHHfRIec55qEAQZ8yKYqCh 6S8GA/wOBdC8TtE0tvh6QUqHXlRtWXT6Bq0g2/G/eyIEJ+dx8WM6WE/qMlhAA1vE 2nxNQ4HPo4CQnIgVv3ZA6E7a2eetQB7znC1QJJ4jzfklpd3gODBeBmbq548dgwAi g8Ge9y6EFpfErkI/Nn1pwShdR3P+L+vTPVnDUgfZETufSe7ZYbQeQ3VydGlzIFJl eSA8Y3JyZXlAY2hhcnRlci5uZXQ+iFkEExECABkFAj5TsKcECwcDAgMVAgMDFgIB Ah4BAheAAAoJEO1lS4g66npLZ4UAn2vDDYbNL8m0lCgRefbuv/+exZhLAKCEr7EH xF/zq5kR1wxkFpgGLLjnZrkBDQQ+U7CoEAQA6/LnK6yXDAUTelM0Q+YUvwxzYMaf eWAzLIxkms8pu7r4R5S9RqcLJAOjpeMcMpw5AW7F9Xr2JUOvy5snaEYOw8UEAGAf ZZwecXhuuWyA0mj3oCBnH1vhiPj/F1Ft0LPjuYf2I5VtnP+s6/qq6eH6AgEXa2lr QgdFvl/vkApk6B8AAwUD/0YmJAFb+ptU6VzWR3Pzy6Uow/Bsqi6UPT8+g4Nj31q/ zY2+kFxHVkWOELlHQYfNhbmK8XCG9rj4S7wuWy804oDnN9NNpP4Yx2S04nYJx1an NHqTUheJjq1AteVHmjKRGhEyct9WdXIcN5+lbAmTn34HbJkFnxTZu84doCOTNbjR iEYEGBECAAYFAj5TsKgACgkQ7WVLiDrqekv1+QCeIa94/uImG9o/IJ8nCY8w2aoe +jwAoM1e6VVCroJ1RUPC+xMgpHVILL+c =WL2Z - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+cQgT7WVLiDrqeksRAklPAKDTGzgz6hF6ZD+RN5HhMUK4v7WslQCffp3M o4zDDvrjNQNSNapLFK0TIkw= =6EhO -----END PGP SIGNATURE-----
Since he has now stooped to toilet terms can we BLOCK this guy from the List? Please? On Thursday 13 March 2003 03:53 pm, John wrote:
On Thursday 13 March 2003 09:55 am, sjb wrote:
John wrote:
are you one of those high and mighty people with lots of money who looks down on us 'poor' folk?
Yes.
sjb
Then you're either a lawyer or a turd that won't flush...or is that redundant?
John
-- -- Proud to be a SuSE Linux User since 5.2 --
On Thursday 13 March 2003 08:33, Marshall Heartley wrote: [stuff deleted]
I don't know what a pop-shot is, and if your ideals consist of having linux distros cater to the lowest common denominator, then get one that does just that. Any changes SuSE has made are/will be freely available. How very MS, right?
[stuff deleted]
Here is a example of a pop-shot FYI
I believe that the word you are looking for is pot-shot not pop-shot. It is derived from shooting something in a pot (or very close, confined area). It is also sometimes called a cheap-shot. Now as to DVD drives, I recently saw one at Comp-USA for $19.95 after rebate. That is pretty cheap. I will have to admit that I only recently got a DVD drive also, but it was not a real problem to get it working. As a matter of fact, it worked for data immediately after I plugged it into the system. It did take a little coaxing to get it to play movies properly. -- Kelly L. Fulks Home Account
<snipped all the preceding nonsense> Hello, everyone. Back in 1993, I decided to try this new thing called Linux, as the commercial Unices were all well beyond the purchasing power of a poor student. Unfortunately, the best distro I could find at the time, Yggdrassil (sp), only came on CD. As we were still using slow modems, and the internet was still in its infancy, the chances of downloading a full Linux distro were non-existent. What was I to do ? I saved my pennies and bought a Toshiba 2.2x CD-ROM drive. Wow, suddenly I found myself in the multimedia age. I got my Linux installed on my 486DX2-50, 16MB RAM machine, and was somewhat disappointed to find out how little it could do at that time. But it was a start. So what's the point of this ? Times change, technology moves forward (often at a frightening pace), and we either have to keep up, or fall behind. If technology did not develop, we would still be using 8088 machines with <1MB RAM, or worse, and TRON would still look super-high-tech. Please stop whining about the lack of sources. If it means that much to you, I'll burn them to a sodding CD for you and mail it to you as soon as my box set arrives. Stuart.
On Thursday 13 March 2003 03:54 am, Marshall Heartley wrote:
Oh good, I quess I will not buy, because I do not have A DVD. Thanks for the info.
Looks like I will not either!
On Thu, Mar 13, Schulz Georges wrote:
Then why is there only 5 CD's?
Because the sources are only on the second DVD.
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD??? What good is that going to do me???
Just buy the upgrade version and use the $30.00 you save to get a cheap dvd. -- dh Don't shop at GoogleGear.com!
Sorry to reply to my own post, I was catching up on the last 3 days of mail, had I known how stupid and inflamed this thread was to become before I replied I would have never sent my previous post. That is all, now, back to your regularly scheduled flame fest :-) -- dh Don't shop at GoogleGear.com!
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
That is all, now, back to your regularly scheduled flame fest :-)
LOL~! Curtis - -- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.7 (GNU/Linux) mQGiBD5TsKcRBACXc11nz+pdunhZ1XBCoFB8SO06Hnvm+e3zJRG3XNkpatvQpKzc 67FmMDDtI+menX9BBLEZ05U7SYkHNfKER96nPXmoO4jL0KFZxYmhizXnVvZYSXpU cXNQa1ABWq6WgHOyeYLREjarZSgtWBluJ0tEB13ptneRjCjacvxrzKCGXwCg7wvt Wae/N25itO1t5hQ0+w/pXl0EAJJIGuTSEHrG2GxSx73Q2Ib6cDYhYMWYyAaG52iE wPZDJ7HO9aPfgPayetwXRjMnrnIQAZSMd/SVmEYRox8Z1X+oACm6KWLumq70UsMP 5K1Zlqe5HSIcfbsyhMvV5xWMRItqEYuuGaC9iqysycvHHfRIec55qEAQZ8yKYqCh 6S8GA/wOBdC8TtE0tvh6QUqHXlRtWXT6Bq0g2/G/eyIEJ+dx8WM6WE/qMlhAA1vE 2nxNQ4HPo4CQnIgVv3ZA6E7a2eetQB7znC1QJJ4jzfklpd3gODBeBmbq548dgwAi g8Ge9y6EFpfErkI/Nn1pwShdR3P+L+vTPVnDUgfZETufSe7ZYbQeQ3VydGlzIFJl eSA8Y3JyZXlAY2hhcnRlci5uZXQ+iFkEExECABkFAj5TsKcECwcDAgMVAgMDFgIB Ah4BAheAAAoJEO1lS4g66npLZ4UAn2vDDYbNL8m0lCgRefbuv/+exZhLAKCEr7EH xF/zq5kR1wxkFpgGLLjnZrkBDQQ+U7CoEAQA6/LnK6yXDAUTelM0Q+YUvwxzYMaf eWAzLIxkms8pu7r4R5S9RqcLJAOjpeMcMpw5AW7F9Xr2JUOvy5snaEYOw8UEAGAf ZZwecXhuuWyA0mj3oCBnH1vhiPj/F1Ft0LPjuYf2I5VtnP+s6/qq6eH6AgEXa2lr QgdFvl/vkApk6B8AAwUD/0YmJAFb+ptU6VzWR3Pzy6Uow/Bsqi6UPT8+g4Nj31q/ zY2+kFxHVkWOELlHQYfNhbmK8XCG9rj4S7wuWy804oDnN9NNpP4Yx2S04nYJx1an NHqTUheJjq1AteVHmjKRGhEyct9WdXIcN5+lbAmTn34HbJkFnxTZu84doCOTNbjR iEYEGBECAAYFAj5TsKgACgkQ7WVLiDrqekv1+QCeIa94/uImG9o/IJ8nCY8w2aoe +jwAoM1e6VVCroJ1RUPC+xMgpHVILL+c =WL2Z - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+cYqZ7WVLiDrqeksRAm6cAJ4+jl+B6CkWMIqPFNp0912e9WRL7QCeMYd4 9q25HUVepuLkxzIOnMDapy0= =Ib7f -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Sorry, we're at the mercy of Godwin's Law.
You/SuSE-e are, but not I - Filter :) Curtis
--
-ckm
- -- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.7 (GNU/Linux) mQGiBD5TsKcRBACXc11nz+pdunhZ1XBCoFB8SO06Hnvm+e3zJRG3XNkpatvQpKzc 67FmMDDtI+menX9BBLEZ05U7SYkHNfKER96nPXmoO4jL0KFZxYmhizXnVvZYSXpU cXNQa1ABWq6WgHOyeYLREjarZSgtWBluJ0tEB13ptneRjCjacvxrzKCGXwCg7wvt Wae/N25itO1t5hQ0+w/pXl0EAJJIGuTSEHrG2GxSx73Q2Ib6cDYhYMWYyAaG52iE wPZDJ7HO9aPfgPayetwXRjMnrnIQAZSMd/SVmEYRox8Z1X+oACm6KWLumq70UsMP 5K1Zlqe5HSIcfbsyhMvV5xWMRItqEYuuGaC9iqysycvHHfRIec55qEAQZ8yKYqCh 6S8GA/wOBdC8TtE0tvh6QUqHXlRtWXT6Bq0g2/G/eyIEJ+dx8WM6WE/qMlhAA1vE 2nxNQ4HPo4CQnIgVv3ZA6E7a2eetQB7znC1QJJ4jzfklpd3gODBeBmbq548dgwAi g8Ge9y6EFpfErkI/Nn1pwShdR3P+L+vTPVnDUgfZETufSe7ZYbQeQ3VydGlzIFJl eSA8Y3JyZXlAY2hhcnRlci5uZXQ+iFkEExECABkFAj5TsKcECwcDAgMVAgMDFgIB Ah4BAheAAAoJEO1lS4g66npLZ4UAn2vDDYbNL8m0lCgRefbuv/+exZhLAKCEr7EH xF/zq5kR1wxkFpgGLLjnZrkBDQQ+U7CoEAQA6/LnK6yXDAUTelM0Q+YUvwxzYMaf eWAzLIxkms8pu7r4R5S9RqcLJAOjpeMcMpw5AW7F9Xr2JUOvy5snaEYOw8UEAGAf ZZwecXhuuWyA0mj3oCBnH1vhiPj/F1Ft0LPjuYf2I5VtnP+s6/qq6eH6AgEXa2lr QgdFvl/vkApk6B8AAwUD/0YmJAFb+ptU6VzWR3Pzy6Uow/Bsqi6UPT8+g4Nj31q/ zY2+kFxHVkWOELlHQYfNhbmK8XCG9rj4S7wuWy804oDnN9NNpP4Yx2S04nYJx1an NHqTUheJjq1AteVHmjKRGhEyct9WdXIcN5+lbAmTn34HbJkFnxTZu84doCOTNbjR iEYEGBECAAYFAj5TsKgACgkQ7WVLiDrqekv1+QCeIa94/uImG9o/IJ8nCY8w2aoe +jwAoM1e6VVCroJ1RUPC+xMgpHVILL+c =WL2Z - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+cYrl7WVLiDrqeksRAjA9AKCymZ7NTjaot7+uogri2iH6CMApxACcCFPH DR7FFEFE2MO00madr21AmEg= =Yw5E -----END PGP SIGNATURE-----
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* Curtis Rey
Sorry, we're at the mercy of Godwin's Law.
You/SuSE-e are, but not I - Filter :)
Curtis, your responses are witty and enjoying, but your 32 line announced proof of your existance after a broken sig-indicator are a bit galling, especially after a *one* line comment. Please, if you *must* pgp sign your posts, the public key block is superfluous and the proper sig-indicator is <dash><dash><space>. Thankyou xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx beware, i may have not written this message xxxxxxxxxxxxxx -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ya, I know. I've been having some problems. I hope there fixed. Thanks, Curtis. On Friday 14 March 2003 06:32 am, Patrick Shanahan wrote:
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* Curtis Rey
[03-14-03 02:58]: Sorry, we're at the mercy of Godwin's Law.
You/SuSE-e are, but not I - Filter :)
Curtis, your responses are witty and enjoying, but your 32 line announced proof of your existance after a broken sig-indicator are a bit galling, especially after a *one* line comment. Please, if you *must* pgp sign your posts, the public key block is superfluous and the proper sig-indicator is <dash><dash><space>.
Thankyou
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx beware, i may have not written this message xxxxxxxxxxxxxx -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+ciBa7WVLiDrqeksRAg5xAJ9YWnipjq38e5plBAEdlfX+n718UgCg3pWI LwgYRbUz2xg4rN5alm1vv4A= =d9KO -----END PGP SIGNATURE-----
On Friday 14 March 2003 10:32 am, Curtis Rey wrote:
Ya, I know. I've been having some problems. I hope there fixed.
I've been watching your posts and noticed the inclusion of the public key was semi-random -- I generally ignored the overlong sig-with-key and chalked it up to user error. I just checked, the "attach" menu has three options at the top: append sig, attach <any> public key, and attach MY key. This is "next to" the "options" menu which has the "sign/encrypt" message actions. I can see how it would be (semi) easy to pick the wrong menu item and therefore attach the key rather than sign the message. OTOH, there is a global option: sign every message, which I'm reasonably sure you've chosen. It would be interesting to know whether or not the inclusion of the full key is an artifact of Kmail as (a) I'm using it myself, (b) we JUST held a "keysigning party" at my Linux user group last night, and (c) I intend to start using this "feature" myself [in fact, as I was writing this message I just pulled up the settings screen and checked "automatically sign all messages", so you'll get my (unverified) signature on this message...]
On Friday 14 March 2003 06:32 am, Patrick Shanahan wrote:
[...] the proper sig-indicator is <dash><dash><space>.
I've often wondered about the trailing "space" -- how can you tell whether or not it's there without resorting to a hex dump of the message? As such, the sig indicator is not something under direct control of kmail users. For instance, I have a signature set for this "identity", and all I put into this is the line "Yet another Blog: http://osnut.homelinux.net". Kmail itself prepends the "--<spc>" when writing messages [and actually, I can somewhat verify there is a trailing space by noting where the cursor appears if I move to that line and press <end>] However, what happens of some transport "somewhere" in the chain of sending the message decides to strip trailing spaces on lines? [after all, save for the "proper" indication of a sig, there is no reason to send something that nobody will ever see, right?] -- Yet another Blog: http://osnut.homelinux.net
night, and (c) I intend to start using this "feature" myself [in fact, as I was writing this message I just pulled up the settings screen and checked "automatically sign all messages", so you'll get my (unverified) signature on this message...] which I just noticed "didn't happen" -- I know there have been some "signature issues" brought up on the kmail bug/bitch list, but as I look at my screen now I think I see what happened, and it was inferred above: I changed the setting WHILE I was writing the message -- as I write this one, I see that
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 14 March 2003 11:28 am, Tom Emerson wrote: the toolbar icon for "sign this message" is "pushed in", meaning that when I hit send it will prompt for my passphrase and do the signature; when I changed the setting, it didn't update the toolbar of the message I was working on... - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+ci8PV/YHUqq2SwsRAhM6AKDJ2L547zqiCYAHfCEEgaggH0svyACgwRTS riVuATN0kZRGJyd5QfgF6QY= =m4sq -----END PGP SIGNATURE-----
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* Tom Emerson
which I just noticed "didn't happen" -- I know there have been some "signature issues" brought up on the kmail bug/bitch list, but as I look at my screen now I think I see what happened, and it was inferred above: I changed the setting WHILE I was writing the message -- as I write this one, I see that the toolbar icon for "sign this message" is "pushed in", meaning that when I hit send it will prompt for my passphrase and do the signature; when I changed the setting, it didn't update the toolbar of the message I was working on... - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE-----
notice the line above 'Yet another Blog:', another ?broken? sig-indicator. Is gpg/pgp doing it or kmail or gpg/pgp/kmail? -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
On Friday 14 March 2003 13:35 pm, Tom Emerson wrote:
On Friday 14 March 2003 11:28 am, Tom Emerson wrote:
night, and (c) I intend to start using this "feature" myself [in fact, as I was writing this message I just pulled up the settings screen and checked "automatically sign all messages", so you'll get my (unverified) signature on this message...]
which I just noticed "didn't happen" -- I know there have been some "signature issues" brought up on the kmail bug/bitch list, but as I look at my screen now I think I see what happened, and it was inferred above: I changed the setting WHILE I was writing the message -- as I write this one, I see that the toolbar icon for "sign this message" is "pushed in", meaning that when I hit send it will prompt for my passphrase and do the signature; when I changed the setting, it didn't update the toolbar of the message I was working on... -- Yet another Blog: http://osnut.homelinux.net
Ya, I have been having problems with this whole thing. When I first upgraded to k3.1 it seemed to be ok and then, just recently, it started giving me error messages at kmail's start up about not have a "plugin" setup properly. This is why my key was issued as a formal sig. When I did this it would give the error message - but took up "entirely" too much space. I have yet to see the tell-tale pen/quill icon associated with what I presume to be a proper and working key code config. I have changed some things, and reconfiged my gpg. On that note, does this message appears as it should? Cheers, Curtis.
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* Curtis Rey
Ya, I know. I've been having some problems. I hope there fixed.
thanks, *much* better, imnsho. tks, xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx beware, i may have not written this message xxxxxxxxxxxxxx -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
* Curtis Rey
On that note, does this message appears as it should?
Yes, but if you intended a sig-indicator or the gpg/pgp notice, there was none. BUT, a *great* improvement. tks, -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
On Friday 14 March 2003 20:28, Tom Emerson wrote:
I've often wondered about the trailing "space" -- how can you tell whether or not it's there without resorting to a hex dump of the message?
"You" may not be able to tell, but that's not the purpose. It's intended for machine reading.
However, what happens of some transport "somewhere" in the chain of sending the message decides to strip trailing spaces on lines?
I don't have the standard in front of me, but I'd be prepared to bet that that should be considered a bug. MTAs can't at will re-edit email messages.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 14 March 2003 12:12 pm, Patrick Shanahan wrote:
xxxx pgpgp unsigned xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
* Tom Emerson
[03-14-03 14:36]: ... snip ...
[and more sniping]
- -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE-----
notice the line above 'Yet another Blog:', another ?broken? sig-indicator. Is gpg/pgp doing it or kmail or gpg/pgp/kmail?
very likely as I review this -- some behind the scenes stuff is going on: the message gets turned into a pseudo-mime message with the following headers: MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: clearsigned data Content-Disposition: inline You'll note that this becomes "quoted-printable", meaning it will have lots of embedded "=20" and similar items [usually at the tail end of a line that wrapped as I wrote it...] Viewing the "plain text" of the message itself, I see that the sig line WAS changed: =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [...] =2D --=20 Yet another Blog: http://osnut.homelinux.net =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+ci8PV/YHUqq2SwsRAhM6AKDJ2L547zqiCYAHfCEEgaggH0svyACgwRTS riVuATN0kZRGJyd5QfgF6QY=3D =3Dm4sq =2D----END PGP SIGNATURE----- Notice that any line that begins with a "-" becomes "=2D" followed by more dashes. This appears to have "broken" the sig seperator because it becomes "=2D<space><dash><dash>=20", hence the reported "- --<space>" I'm hesitant to report this to the kmail group as a "bug" because it appears that this may be a known, and possibly moot, issue: the "developers" appear to be using version 1.5.9 [the released version is 1.5.0] and they all seem to have "detached" signatures, so "this may already be fixed" [but I'm not running the developer version, so you'll have to live with my "buggy" sig line -- fortunately I keep it fairly short :) ] Of course, veering back to the original topic [8.2 announced], one of the features of 8.2 is the inclusion of KDE 3.1, meaning that "all of a sudden" lots of people will start using kmail 1.5, and I'm reasonably certain it will be 1.5.0, not 1.5.9 or better ;) [but of this is only a hiccup when signing messages, the occurance rate of "buggy" sig seperators should be fairly low - -- did any of my previous messages appear "broken" before I started using the signing capability?] Tom - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+cj+PV/YHUqq2SwsRAoMCAKDBhJkK869AClfcyitNxRLZJ8OA9gCgo5Ba UFhqj9ZdAikK/lLB2IA6Q0o= =0euh -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 14 March 2003 12:46 pm, Tom Emerson wrote:
I'm hesitant to report this to the kmail group as a "bug" because it appears that this may be a known, and possibly moot, issue:
Known, yes; moot, maybe -- I just found this bug report: http://bugs.kde.org/show_bug.cgi?id=39029 which is marked as "closed"; the gist of it was that the alteration of the "--" indicator caused Evolution to fail to verify the signature. The consensus appears to be "not kmail's fault", since one report/comment went along the lines of "well, kmail can verify signed messages, and so can pine & mutt, the only one having a problem is evolution" [and while not mentioned in this discourse, I think I've heard the same about MS Outlook not being able to verify messages either...] So, while mainly cosmetic, it appears a potential source-of-the-problem is that the quoted-printable translation of a line beginning with a dash may not always be "decoded" properly. It also appears that the "next release" wont have [as much of] a problem because [appearntly] "detached" signatures are a preferred way of working with things - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+ckoIV/YHUqq2SwsRApXMAJ9l96FMXnNOyRD2IkxOXpw/IbeS4wCeJa3C rCdghyAYL8Zezt6FAKkDyOo= =ehH/ -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 13 March 2003 06:03, sjb wrote:
Marshall Heartley wrote:
This is a VERY POOR judgement call on your part SuSE!!! I like a few others on this list do not own a DVD drive but now you insist on putting the sources on a DVD???
http://search.ebay.com/search/search.dll?query=dvd+drive
*sheesh*
Or, http://www.pricewatch.com - -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPneua9GDyPawr2auFAKbsQf7Brl26+wXP9WK+NeDZoZ3E6qa7QapZaEl h56uzordRLr66IXArNDKDCnINj9a/9WMjera2TviLL4icqlLQzK3+FSyVIXt8lSw bCPDECiN21pKWGvbRLnpgk+nXQ1nJuVC58hZj3RNUAjEGt4zrXTn8nRq7qoWVakm Y1GpCmzIBC2O658eklN220i9/ZgeiVBt4qLrAWFlFToFImD6EHTnr/ANNRCDal86 xjxiKQ6Un9+AiJICB37RzrQDWdHvA6QScX9ml/R3fXQwp6t5LoPvMguxiIrWTKmP UrE/jOCjIKCY/yPp8oANnWcZyEMLjyMIWximvowg77KbBK045NWhYwf/TcMx/M6B LIlDDhaEbURqOHaS0FPzd00z5PDznZxexLkUmNgAZlPB8eauiKKK+YZCOZ8AZ6BO zAkyw01KH7O7jqY1bqYJuR58WZNsk9lY29bD9zJ3a2l/Hy6lTuLDDrGsoJq66YA7 uwDJZt1cCO1cgjeq103TtIA/iNeB7LcDjYqnoqaMCT0+8LZXEV2vpeERFDxIgYK/ 66NgFBcsmlki5rHbonTU/thOqDLzEPkHlE2ASe4TeT91q0LZ4I71GrC8fbIKnBHS izDETR65udOuR3CK6i6t5GkQnvjLrl1k/J01Ab4HRuiOp9pUEAlv5zgChtpjeKC8 kN0hnYCEw7PKXA== =x/zC -----END PGP SIGNATURE-----
* Mitch Thompson
-----BEGIN PGP SIGNED MESSAGE----- - -- Mitch Thompson, San Antonio TX // WB5UZG -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQIXAwUBPneua9GDyPawr2auFAKbsQf7Brl26+wXP9WK+NeDZoZ3E6qa7QapZaEl h56uzordRLr66IXArNDKDCnINj9a/9WMjera2TviLL4icqlLQzK3+FSyVIXt8lSw bCPDECiN21pKWGvbRLnpgk+nXQ1nJuVC58hZj3RNUAjEGt4zrXTn8nRq7qoWVakm Y1GpCmzIBC2O658eklN220i9/ZgeiVBt4qLrAWFlFToFImD6EHTnr/ANNRCDal86 xjxiKQ6Un9+AiJICB37RzrQDWdHvA6QScX9ml/R3fXQwp6t5LoPvMguxiIrWTKmP UrE/jOCjIKCY/yPp8oANnWcZyEMLjyMIWximvowg77KbBK045NWhYwf/TcMx/M6B LIlDDhaEbURqOHaS0FPzd00z5PDznZxexLkUmNgAZlPB8eauiKKK+YZCOZ8AZ6BO zAkyw01KH7O7jqY1bqYJuR58WZNsk9lY29bD9zJ3a2l/Hy6lTuLDDrGsoJq66YA7 uwDJZt1cCO1cgjeq103TtIA/iNeB7LcDjYqnoqaMCT0+8LZXEV2vpeERFDxIgYK/ 66NgFBcsmlki5rHbonTU/thOqDLzEPkHlE2ASe4TeT91q0LZ4I71GrC8fbIKnBHS izDETR65udOuR3CK6i6t5GkQnvjLrl1k/J01Ab4HRuiOp9pUEAlv5zgChtpjeKC8 kN0hnYCEw7PKXA== =x/zC -----END PGP SIGNATURE-----
*What* makes people so ??proud?? of their public keys. I apologize for the quote. And what use is a pgp signed post in a mail list other than vanity? 36 lines total: 7 Quote 9 Sig (with broken 2 indicators) 18 PGP key/sign 2 Actual content <don flame-retardent armor> -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
36 lines total:
Good point. You won't get a flame from me. On another topic (which is why I kept this under the Announced thread), will the newly found "local root hole" in the =< 2.4.20pre kernels have any effect on the release date of 8.2? I don't expect an "official" answer obviously, but what has SuSE done in the past? Is there still enough time to roll in the patch prior to 8.2? Seems like updating a kernel prior to release is a better idea than asking the user to update the kernel themselves. Heck, even I've only rerolled one kernel in the past three years or so and then only to see if I could still do it! -- John LeMay KC2KTH Senior Enterprise Consultant NJMC | http://www.njmc.com | Phone 732-557-4848 Specializing in Microsoft and Unix based solutions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 18 March 2003 18:45, Patrick Shanahan wrote:
*What* makes people so ??proud?? of their public keys. I apologize for the quote.
And what use is a pgp signed post in a mail list other than vanity?
36 lines total: 7 Quote 9 Sig (with broken 2 indicators) 18 PGP key/sign 2 Actual content
<don flame-retardent armor>
So, quoting my signature does not compound the problem? I have KMail set up for signing every message I send. PGP signed means *I* sent it. Deal with it.
-- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
- -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnnMF9GDyPawr2auFAKe5wf/bcgLvw0dvlBHNFb1TUu3aAs/LWQRuBf8 lfOv/Y8655J7JtF6yvO78ZtpUlSawolfnn0xYAHcl+T+q1BarLcMKfZLHpYo+Any 1vIFd8OpVFCKKTz+esgcJkbxqaqko533t64aUgQspk3zawhGO4y/T0SOQtXH6H/n NVsvcmDUREdoU9sweYPRvjUjLM4EWW8QGIS5PR0HOt136dZAr6cINu3a097+JTbV 0PUoc9R9VKawEGjSzFKRdWztxnkx1qfeQ+HZbHJdOPeo3dv1EtXN5D/tFM1OgIkG iGhvi+0vSc/Ei9mfcSDl+9hK+GJeeHXtmztB7EcZShMhyuRTYxr+nwf+KxAbubiU kwupiNpwnDq1Qsp1KjHNLbwYV+sikGVXHxnL+VZvgvO+M315rL06pXO1hGuAUQVh HVNL+dyB+rVS095UEbS711G4WoiOuqBXjvZSjfr8cBps04KtX1jaI76eYQsbjx66 eSHOeB3aYaZHPOJhgqeaBI74gjFEZj1QjBP1ywG2WLnFOV8hKxOcDjf1VAZ+XiOG pRhQ5hKU8LxjG1xOI0jd2VToYm0zKbA1/B/Elg+hYHCa7wxiSKqMmoUh+JVBsV1J GJK82B+SUxsx3xiMcHSCm7s9HCTgpzF1iPJEEQdwMeVlTgg0flO0R5q6+ML0GQSZ hiOcFFzYgrCf4Q== =Ht4v -----END PGP SIGNATURE-----
On Thu, 20 Mar 2003 18:59:53 +0000
fsanta
Nope. Sorry folks, you've lost me on this one. Is it better to have pgp or not? On the one hand it seems to guarantee something but on the other it's a waste of space. It says here. Confused. Steve.
I think most mail programs have the option of signing or not. I save the signing for important stuff. This mail list is like coffee room chatter, hardly the place for signatures. All the signatures do is make it hard to read the real content. But you learn to quickly ignore it. (Look at it like it's "speed-reading training" on how to avoid the "clutter"). -- use Perl; #powerful programmable prestidigitation
Nope. Sorry folks, you've lost me on this one. Is it better to have pgp or not? On the one hand it seems to guarantee something but on the other it's a waste of space. It says here. Confused. Steve. On Thursday 20 March 2003 14:11, Mitch Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tuesday 18 March 2003 18:45, Patrick Shanahan wrote:
*What* makes people so ??proud?? of their public keys. I apologize for the quote.
And what use is a pgp signed post in a mail list other than vanity?
36 lines total: 7 Quote 9 Sig (with broken 2 indicators) 18 PGP key/sign 2 Actual content
<don flame-retardent armor>
So, quoting my signature does not compound the problem? I have KMail set up for signing every message I send.
PGP signed means *I* sent it. Deal with it.
-- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org
- -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQIXAwUBPnnMF9GDyPawr2auFAKe5wf/bcgLvw0dvlBHNFb1TUu3aAs/LWQRuBf8 lfOv/Y8655J7JtF6yvO78ZtpUlSawolfnn0xYAHcl+T+q1BarLcMKfZLHpYo+Any 1vIFd8OpVFCKKTz+esgcJkbxqaqko533t64aUgQspk3zawhGO4y/T0SOQtXH6H/n NVsvcmDUREdoU9sweYPRvjUjLM4EWW8QGIS5PR0HOt136dZAr6cINu3a097+JTbV 0PUoc9R9VKawEGjSzFKRdWztxnkx1qfeQ+HZbHJdOPeo3dv1EtXN5D/tFM1OgIkG iGhvi+0vSc/Ei9mfcSDl+9hK+GJeeHXtmztB7EcZShMhyuRTYxr+nwf+KxAbubiU kwupiNpwnDq1Qsp1KjHNLbwYV+sikGVXHxnL+VZvgvO+M315rL06pXO1hGuAUQVh HVNL+dyB+rVS095UEbS711G4WoiOuqBXjvZSjfr8cBps04KtX1jaI76eYQsbjx66 eSHOeB3aYaZHPOJhgqeaBI74gjFEZj1QjBP1ywG2WLnFOV8hKxOcDjf1VAZ+XiOG pRhQ5hKU8LxjG1xOI0jd2VToYm0zKbA1/B/Elg+hYHCa7wxiSKqMmoUh+JVBsV1J GJK82B+SUxsx3xiMcHSCm7s9HCTgpzF1iPJEEQdwMeVlTgg0flO0R5q6+ML0GQSZ hiOcFFzYgrCf4Q== =Ht4v -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 note: some may consider this a shade "off-topic", so if it degenerates further I'll mark it as such. For now, however, this should be some "good info" for those that are curious [and besides, it centers around a feature that is implemented more completely in Linux than in windows ;) ] On Thursday 20 March 2003 10:59 am, fsanta wrote:
Nope. Sorry folks, you've lost me on this one. Is it better to have pgp or not? On the one hand it seems to guarantee something but on the other it's a waste of space. It says here. Confused. Steve.
Perhaps the most authoritative (and possibly self-promotional) answers can be found on the gnuPG site: http://www.gnupg.org/ but I'll take a shot at an explanation anyway :)
On Thursday 20 March 2003 14:11, Mitch Thompson wrote:
On Tuesday 18 March 2003 18:45, Patrick Shanahan wrote:
*What* makes people so ??proud?? of their public keys. I apologize for the quote.
I don't know if "proud" is the right word to describe the attitude of people who have decided to use signatures (thought I suspect you are being satorical or facetious with that comment ;) perhaps "concerned" would be a better word [but that isn't quite right either -- I've basically just started with signing myself, so I haven't completely formalized my reasons. It is just something that I'm coming to the conclusion "is a good thing to do", but I cannot express why just yet]
And what use is a pgp signed post in a mail list other than vanity?
I have to admit -- some of your earlier arguments have merit [headers CAN be inspected to see if they've been forged or not] BUT, just like people who run a nimda-infected IIS server, how many people are actually GOING TO LOOK (or even CARE) that the headers are "not correct"? After all, without a signature I could have easily re-configured my client to "look like" I was you in this response -- set the name, signature block, return address, etc., all to match what shows publicly in your messages, and outside of the fact that the style & tone of the message doesn't match the way you write, I'd bet almost no one [other than yourself] would even BOTHER to look at the headers (and if the tone/style/wording was "close enough", anyone who checked might just think you're switching providers) I could turn around and ask, "what use is the following in a sig other than vanity?" > > > Patrick Shanahan Please avoid TOFU and trim >quotes< > > > http://wahoo.no-ip.org Registered Linux User #207535 > > > icq#173753138 @ http://counter.li.org however I now have a pointer to my website in my .sig, so I have less room to talk ;) BUT: your name is at the top of the message, so why include it in the signature [oh, wait, it IS a "signature"] likewise, what point is telling me you are registered user number 207535? I could tell you my registration numbers are 8116 and 70364 [which are my TRA and NAR numbers respectively] but outside of rocketry, that is rather meaningless to you :) Finally, I don't use icq or any variant thereof [I keep my e-mail client running 24x7 on a DSL line -- that's pretty much the equivalent of ICQ with the advantage that it automatically logs via "sent messages" ;) ] so that is meaningless to me. [Mitch further commented]
... I have KMail set up for signing every message I send.
This is kind of "where it gets interesting" -- KMail does some "neat things" in regards to signatures. As noted, it can be set to "always sign messages". It also recognizes keys on incoming messages and automatically checks to see if the contents are still "pristine" -- if there are any changes, KMail displays the message with a red background [green if it is "good", and yellow if it at least matches the stated signature, but you don't have a "web of trust" pointing to that signature so that you, personally, can be sure it was sent by the originator] furthermore, when you reply to (or forward) a signed message, KMail is smart enough to actually remove the signature block on the new message -- in effect, you don't "see" the additional lines --ever-- [well, unless you look at the full message, headers and all, but that's like "view source" for a web page...]
PGP signed means *I* sent it. Deal with it.
And that is the heart of the issue. You can go to the site listed in my signature and download my "public key" from the link on the page. Since the webserver is running from my very own home, there is sufficient "physical security" that I'm certain nobody has altered the key locally [and a firewall to prevent "outsiders" from doing things remotely, but this isn't an absolute guarantee...] Furthermore you can find my key on a "public key server" such as wwwkeys.us.pgp.net and see that the keys are the same [unless I'm out of sync, which isn't entirely impossible ;) ] Either way, once you have retrieved that key, you can check to see that this message "is valid" [and if you happen to "trust" a certain employee of Mandrake, you would also "know" that it really is "me" that is sending it -- even if you have never seen me "face to face". Patrick's comment about public lists does have a problem he hasn't addressed: security of the list server itself. This is one point where signing a message that is on a public list has merit. If someone compromised the SuSE-list-e server, they could re-write messages or message content in such a way that a "header check" would show that my messages come from my IP address, but with a signature in place, even a single-byte change of the content would flag the contents as "suspect" and thus alert anyone reading it [and checking the signature] to some funny goings-on.
- --
finally, the "broken signature indicator" issue: I've checked with the KMail developers, and the consensus is that your e-mail client [patrick] is broken. Messages that are "signed" are turned into "quoted-printable" for the purposes of signing [remember, I said a "single byte change" would invalidate a message, so to properly validate a message, you need some assurance you are seeing every byte as it was intended, which includes trailing spaces on a line, indicated by "=20"] As such, "quoted-printable" alters lines that begin with dashes to be "=2D<space><rest of the line>" -- whatever routine your client is using to decode the "quoted printable" portion apparently is not "undoing" the "=2D<space>" indicator, hence it appears to the naked eye that the signature indicator is "broken" [note also this is pgp/gpg's doing, not KMail -- you can find this discussion on the KMail bug list at http://kmail.kde.org] - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: http://osnut.homelinux.net/TomEmerson.asc iD8DBQE+ehQsV/YHUqq2SwsRAuPrAJ0fQqmoEYVHFgVqV6OETKDzDsVHRgCgtaj0 AxOwtsSjmNmLL6M9zeF3oI0= =TDji -----END PGP SIGNATURE-----
* Mitch Thompson
PGP signed means *I* sent it. Deal with it.
*Not* unless it is checked against pgp/gpg. Means nothing except extra chars to anyone not using it. -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org Linux, a continuous *learning* experience
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 March 2003 12:33, zentara wrote:
On Thu, 20 Mar 2003 18:59:53 +0000
fsanta
wrote: Nope. Sorry folks, you've lost me on this one. Is it better to have pgp or not? On the one hand it seems to guarantee something but on the other it's a waste of space. It says here. Confused. Steve.
I think most mail programs have the option of signing or not. I save the signing for important stuff. This mail list is like coffee room chatter, hardly the place for signatures. All the signatures do is make it hard to read the real content.
But you learn to quickly ignore it. (Look at it like it's "speed-reading training" on how to avoid the "clutter").
Ah. Then it becomes a matter of personal preference.
-- use Perl; #powerful programmable prestidigitation
- -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnqI1NGDyPawr2auFAIHtggAltqZw6ZbQLLWLDL+6HPPvHXdQwNnEAWR Z0ztT8iJUozVgjzPK6Bs3o03nSC0eDU4BIrcHOfVROqgh0832JlpuF9gB07UGwx5 v3I4RDBDF5UePrroVNakR/ktihBJi+wu5wEIyPe/NOl0TuCDtxwH28IHqie/p0vc lOZnyxL5tYhodCUcRgmrRvjlCtCgSAJ7dAJplf4EfL3GmAaCGvC+XLLUbwbKzUmj uhUB1xwJiEvil9Ms5Mu59BC8S5l8wMzo9PJciHsOBTt6wN2dzOKRHroC3nAQSN5u 0qJqL6yPAG4SnpKCkoND41zvzUt/y7TkdqfQy5NVoNKndaK2HFahkwf7ByrvTcT3 V1vKtor78HKP6XJyuz5pv+WK4q4/0824AJv7MS0d9baFFUfAczJ5VrT+KVMK5rla EVB7iR8RTdyul5nPG+SRDbvsUqgqRIv+v0qz0SajQ9WZzPApRnK5UF4mQW6xbXPA 8xUO+7p/Q1fapjs8rHiGHqIDBEbnRcbN6CZdEB4PXdQJXNA6Y4WDmgI6MbxLf/4P ZOmSe2bZPEz0vXD72zvF9qO+M80QFwEUSJmh7BOsoZaD9gcYFS0VgYaZq2K1MTdw 2sy0FV8C8MKHxhaGCzh5fepU069sVVuExzKGctOVkOtzu6/H6yAqdFVzUL4zo2L5 631Z3I3vul+iCA== =ZWny -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 March 2003 13:19, Tom Emerson wrote:
note: some may consider this a shade "off-topic", so if it degenerates further I'll mark it as such. For now, however, this should be some "good info" for those that are curious [and besides, it centers around a feature that is implemented more completely in Linux than in windows ;) ]
Tom, Thank you for an excellent explanation. At the time I wrote my (rather curt) response, I was in a rush. Basically, as you noted, and others, signing messages is a personal decision. One of the arguments for signing everything that I have heard is that it is a "promotion" thing. I'm not paranoid, but as you explained, it is simple to forge headers and "be someone else" to all except those who know how to verify headers. I have been signing messages, first when I used Evolution, and now with KMail, for about a year now. Everytime I come across a signed email for which I do not have the senders key, I query key servers and if it is available, I put it in my public key ring. That does not guarantee that the person who a) generated the key and b) signed the email are really who they say they are, but it's a bit better than nothing. Now, the best thing is to be face-to-face with someone and get their public key, after verifying their identity (as in a key-signing party). Public keys are ASCII exportable, and can even be written out and typed back in and imported. Anyway, when all is said and done, I believe it is a Good Thing (TM), and I have no intention on stopping. - -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnqLXtGDyPawr2auFAI/dwf/dkcHfbryHjzyp1OueshXdXqznEFXmc5H +ixOwkd2eELxfSrUVKyyRmsi4uD/NnqMatsHaxD3VpyuAS5iofnpEsIPGQmQ5QCl DYHBbhtzitX4+s0/NkYNpjd5iVp1qJ7fBY5HrUWMEKVebfvxR1UllUyzj5+mGqFD fEVIyCHtg9UnNegrTVUF4hVP+WJm9d/t6o19slgJpxEhP3qM3d7DRC+nLrPT+Z+L fuUgJYrNSkHQRlYpKfvQwRCuihgeHM+L6k28civ5DAigWqzT4mWdWA65H0Cfd4zy C4Um3Sm0kB1xAAZa9W4fUwpQE2RaVTMLlC+2Dmh+Axji0CpdBzkvCgf9FlVCHvDa Ufphx8RSuEU0HxKbl6+c+FFx5Jdl188EtgYqPIdWosu1t4DuCUWcTCkxwP/q1PVl 2qyC2ErBB3kdFIN+0IYLceBvvqQrqOy+yM5Co+4Be6zy4OMXRpIsYQZvoheDHkFk XYX94GugsYs+eCIaJsZg5m9HFwfrSihiiO7c/zzkpNTsdPYqeeunOlL27ZdywtVN ygbz9/+tGxclWF848qvXchToxSFQLdl9W2fTk4X6HYgGoADrwkCDqjc0deDRabBd 9/ePx1UCJCY1nBMSY9yzQsBVofR35O0quU/cUheqgpuQ3gpCHdBJcSlkVjgJ4oRD DRXbr83P62tH5g== =ZDZo -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 March 2003 15:11, Terence McCarthy wrote:
On Thu, 20 Mar 2003 08:11:35 -0600
Mitch Thompson
wrote: PGP signed means *I* sent it. Deal with it.
Yep, spam filter altered and on.
Terence
Good for you! - -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnqML9GDyPawr2auFAIsOQf/cTOGTw/C8uWHE4mLoPOZlXLqr7R29xOI ziUZCN7KFZd8E2z8YV/Sd9Ui1hh6OI6jF4FLczS5oao5K1BzgZPxm4ajw1ez8i0S oeEyGn6vz3O6Um7lv/bX7emzrMjVFlCpF/bNnueZzbCky6C73O0dR3AQxDfUGnn4 Kk+Rf9J2Tt2vi9ta/qVNwK1Vj86DWeU9lPQc/BitNGGuNISCqko+Eby9nE9MM6EJ gTboOC/OAFlPNXJi2JI2aUIgqyZDVKGfV80l83JrPbylHNLGpf7V0YW5RMXBPkrK On6U8gssHIgd/xsjBwPdtaTKe7YKLFw/1nVqDgBkngFv6ZsnMVSZkwf/VAVqe0iF woH/sGTjjsRvmSD48tZqTBaex+8pF5qD5tsfy07WEPfuNWT77lkMmbJgEHzWVxAn f4ZOVwaY+gttveufaWfdMha/hNaux2Wtbe1Z9rHnqNaHl49EcJwAjVISiL/En9Cw iz+2lNvB+BVguU9pMNUBumfBJuna2YHwIByOIkNUKEHXUtImdingjOKskJ0bcTB8 zMIPZ3af7IX60oRd+I8VizgVQ1eI2O+ZB0+YVKp2K0MEg1Q7sOfLAM1fgZ3OoII6 wBYj2+Yl9f9fTOxSXwae4QFSTVVWca25NkgZMyUc2pGREw8ms/ebxALYxMypikAL 4mEwFG6k1RJFWA== =kaYn -----END PGP SIGNATURE-----
In a previous message, Mitch Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
[snip]
-----BEGIN PGP SIGNATURE-----
[snip]
-----END PGP SIGNATURE-----
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Unfortunately, your PGP sig is not being filtered out (rendered invisible) on email readers. I don't expect to see PGP sigs, only an indication of whether they're valid, because my software deals with them automatically. However, your emails aren't detected as being PGP signed at all. It might be because the list is adding this footer after the PGP sig block, and the message is declared as containing only a single text/plain part. In a PGP-signed email, the PGP delimiters are supposed (AFAIK) to bracket the whole message, so the list-added footer is breaking your post, leading to people having to see this huge PGP block. Perhaps you could sign messages using PGP/MIME for those who support it - it would then not annoy people reading the text part because it would be in a separate part? John -- John Pettigrew Headstrong Games john@headstrong-games.co.uk Fun : Strategy : Price http://www.headstrong-games.co.uk/ Board games that won't break the bank Knossos: escape the ever-changing labyrinth before the Minotaur catches you!
On Thu, Mar 20, 2003 at 09:47:42PM -0600, mitchthompson@satx.rr.com wrote:
Anyway, when all is said and done, I believe it is a Good Thing (TM), and I have no intention on stopping.
Your signature does, however, seem to be much longer than most people's (which are generally around 4-ish lines). Have you used a different type of key or algorithm? -- David Smith Work Email: Dave.Smith@st.com STMicroelectronics Home Email: David.Smith@ds-electronics.co.uk Bristol, England GPG Key: 0xF13192F2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [actually, I'm replying to John's post next in this thread, but needed to show it from this point] Shown below are the first & last few lines of Mitch's message as it appears to me when I use Kmail's "reply-to-list" function: On Thursday 20 March 2003 7:47 pm, Mitch Thompson wrote:
On Thursday 20 March 2003 13:19, Tom Emerson wrote:
note: some may consider this a shade "off-topic", so if it degenerates [snip] -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import -- "There are 10 kinds of people in the world: those who understand binary, and those who don't."
I don't claim to know everything that is going on, and I certainly expect this to be what I called a "closed system" in a private message -- both Mitch and I are using kmail, so *perhaps* kmail does some things that aren't 100% standard, but "to me" I see that: * I don't see the "---BEGIN PGP MESSAGE---" type headers & footers as text, but rather kmail uses these to color-code the message [and in this case it is yellow, indicating that while the signature is valid for the message contained within, I've never directly or indirectly verified his key] * the "reply" action strips these from the reply itself * replying FURTHER strips the final-most "signature" applied by the list software [I once had someone send a message that began with the signature indicator -- many clients pre-load the signature block when you start a new message, so he must have just started typing at the end of that -- in any case, my "reply" to him quoted nothing; instant "TOFU" stopper... ;) ] So, as I said, I think this is a "closed" system in that Kmail understands fully how a kmail-composed message is organized, so it doesn't show anything as "wrong". I see from John's headers he is using "messenger-pro/2.61", edited by Zap/ZapEmail, so there is some "difference of opinion" between these two programs [and I would expect my message to appear to have the same problem(s) from John's point of view] This is worse than browser compatability, and I'm afraid human nature is such that everyone will claim that their client is "absolutely correct" and haughtily sneer at any other e-mail client "that doesn't work right" and claim it "must" be the other client that is "wrong" [in fact, you might almost think that is my attitude, but trust me, it isn't] I *have* seen messages appearing on the kmail developer/bug e-mail list about "incompatabilities" between clients, along with samples of messages "as seen by" these other clients in an attempt to figure out where things broke down. [see bug #55450 -- a sylpheed user noted a problem w/detached signatures; turns out an extra cr/lf pair was needed that wasn't immediately obvious] Unfortunately this requires cooperation of people who aren't using kmail to tell the developers of kmail where things aren't correct -- not always an easy task :( Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: http://osnut.homelinux.net/TomEmerson.asc iD8DBQE+evF3V/YHUqq2SwsRAt4aAJ93GIBSZR6jgvCkOfm3ZFR4DepSagCfS0xx drQFSvPAzdO2sc/uadiMEO4= =rx/S -----END PGP SIGNATURE-----
In a previous message, Tom Emerson wrote:
* I don't see the "---BEGIN PGP MESSAGE---" type headers & footers as text, but rather kmail uses these to color-code the message
I don't see these in normal PGP-signed messages, either, which is why there's obviously something unusual going on here.
I see from John's headers he is using "messenger-pro/2.61", edited by Zap/ZapEmail, so there is some "difference of opinion" between these two programs [and I would expect my message to appear to have the same problem(s) from John's point of view]
It does indeed. However, at least yours has far more content than PGP signature! The main problem with the messages that have been commented on is that they are short but have very long (far longer than normal) PGP sig blocks.
This is worse than browser compatability, and I'm afraid human nature is such that everyone will claim that their client is "absolutely correct" and haughtily sneer at any other e-mail client "that doesn't work right"
In this case, I'm sure that kmail is actually getting it right - the list can't add its footer within the "real" text, because that would break the PGP sig. It's obviously a MessPro failing that it's not understanding this message correctly. I'll be posting a bug report about this in the support forum. However, anyone using a MUA that doesn't use PGP at all will be seeing the same as those of us using agents that don't understand PGP-signed mailing-list posting, which is far too much PGP and too little content. John -- John Pettigrew Headstrong Games john@headstrong-games.co.uk Fun : Strategy : Price http://www.headstrong-games.co.uk/ Board games that won't break the bank Valley of the Kings: ransack an ancient Egyptian tomb but beware of mummies!
* Tom Emerson
Unfortunately this requires cooperation of people who aren't using kmail to tell the developers of kmail where things aren't correct -- not always an easy task :(
Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: http://osnut.homelinux.net/TomEmerson.asc
iD8DBQE+evF3V/YHUqq2SwsRAt4aAJ93GIBSZR6jgvCkOfm3ZFR4DepSagCfS0xx drQFSvPAzdO2sc/uadiMEO4= =rx/S -----END PGP SIGNATURE-----
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
[note] siq quoted as seen for example/discussion.... But, your sig is minimal in comparison to the objection. It also does not show a ..sig-indicator.. here, mutt v1.5.4i which has had gpg/pgp support built in for many versions. Appears that kmail has developed its own agenda with respect to gpg/pgp (and I hate to say it) similar to lookout and lookout express. They (lookout, etal) cough up gpg/pgp/mime. You noted in a private post that quoted_printable handling by mutt could be the problem, but that is not the case. This discorse *should* *probably* be moved to suse-kde ?? -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org Linux, a continuous *learning* experience
In a previous message, John Pettigrew wrote:
In a previous message, Tom Emerson wrote:
I'm afraid human nature is such that everyone will claim that their client is "absolutely correct" and haughtily sneer at any other e-mail client "that doesn't work right"
In this case, I'm sure that kmail is actually getting it right [snip] It's obviously a MessPro failing
Actually, I've just checked and Mozilla (with enigmail) doesn't get it "right" either. Perhaps only kmail does? John -- John Pettigrew Headstrong Games john@headstrong-games.co.uk Fun : Strategy : Price http://www.headstrong-games.co.uk/ Board games that won't break the bank Valley of the Kings: ransack an ancient Egyptian tomb but beware of mummies!
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 21 March 2003 3:25 am, Patrick Shanahan wrote:
* Tom Emerson
[03-21-03 06:06]: [big snip] But, your sig is minimal in comparison to the objection. It also does not show a ..sig-indicator.. here, mutt v1.5.4i which has had gpg/pgp support built in for many versions.
whups -- my fault -- as I mentioned in passing, some (most? all?) clients "pre-load" the signature when replying, [which I see it has done here] and either (a) I cut it out [unlikely, but not impossible] or (b) for some reason kmail used a different "identity" [which is what determines which "sig" gets used] As such, I merely typed my name at the end and hit "send"
Appears that kmail has developed its own agenda with respect to gpg/pgp (and I hate to say it) similar to lookout and lookout express. They (lookout, etal) cough up gpg/pgp/mime.
Actually, "the most current" version of kmail [for the kde 3.1 series] technically uses the "agypten" plugin, which is supposed to make it multipart-mime with a detached signature. So far, I haven't jumped through the hoops neccessary to add in this "plug in" support [partly because there were some suse specific issues, I think] so the program sort-of drops back to the "old" in-line support [which is probably better considering the current discussion of message lengths -- 'multipart/mime" just adds that many more lines to deal with...]
This discorse *should* *probably* be moved to suse-kde ??
there is such? [hopefully there isn't much traffic on that one -- the couple of hundred messages here and on the "openoffice.org" list keep me busy enough as it is... ;) ] - -- Yet another Blog: http://osnut.homelinux.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: http://osnut.homelinux.net/TomEmerson.asc iD8DBQE+evuoV/YHUqq2SwsRAhqcAJ9Jm39J6tsFuJQPQqDNF5e4tH6uYgCeIbxI ErBefe1l3yhcVIk/nWNlHjA= =8r0y -----END PGP SIGNATURE-----
The 03.03.21 at 11:33, John Pettigrew wrote:
In this case, I'm sure that kmail is actually getting it right [snip] It's obviously a MessPro failing
Actually, I've just checked and Mozilla (with enigmail) doesn't get it "right" either. Perhaps only kmail does?
Both Tom Emerson and Mitch Thompson (both using KMail/1.5) are checked alright by Pine, I don't see the pgp/gpg signature (I don't even see the "normal" signature!); what I see is this at the bottom: |>------------ Output from gpg ------------ |>gpg: please see http://www.gnupg.org/faq.html for more information |>gpg: Signature made Fri 21 Mar 2003 12:03:19 PM CET using DSA key ID AAB64B0B |>gpg: Can't check signature: public key not found Which is normal, as I haven't imported the key - and won't bother, in fact :-) However, mozilla (with enigmail) doesn't see it right; this is what it shows: |>- -- |>Yet another Blog: http://osnut.homelinux.net |>-----BEGIN PGP SIGNATURE----- |>Version: GnuPG v1.0.7 (GNU/Linux) |>Comment: http://osnut.homelinux.net/TomEmerson.asc |> |>iD8DBQE+evuoV/YHUqq2SwsRAhqcAJ9Jm39J6tsFuJQPQqDNF5e4tH6uYgCeIbxI |>ErBefe1l3yhcVIk/nWNlHjA= |>=8r0y |>-----END PGP SIGNATURE----- Perhaps it is because kmail inserts an extra "=2D", which can be seen looking at the source: |>=2D----BEGIN PGP SIGNATURE----- That makes some MUA cough, and has been comented here as well. -- Cheers, Carlos Robinson
On Friday 21 March 2003 03:40, Dave Smith wrote:
On Thu, Mar 20, 2003 at 09:47:42PM -0600, mitchthompson@satx.rr.com wrote:
Anyway, when all is said and done, I believe it is a Good Thing (TM), and I have no intention on stopping.
Your signature does, however, seem to be much longer than most people's (which are generally around 4-ish lines). Have you used a different type of key or algorithm?
I may have. I think that, at the time I generated my key(s), I decided that "more is better" wrt key size in bits. If this is the case, then that would be the reason for the large signature. (this message unsigned for the sensitive) -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import -- "There are 10 kinds of people in the world: those who understand binary, and those who don't."
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 21 March 2003 02:39, John Pettigrew wrote:
Perhaps you could sign messages using PGP/MIME for those who support it - it would then not annoy people reading the text part because it would be in a separate part?
I will look into it, especially if it will promote peace and harmony here. - -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnshcdGDyPawr2auFALLYQf+KpCPX3FsWO9ioOWED1Sr36M3r0WtK9GS u9RJvrFOAQItOmjSjRTs+jeYQtaU3puK+kJVUlAiNjs0Kv2Kcl7s3+1YPyMQko51 3Sxd28rLagnyKlHsK7zZkyiytNiuS82tlZ90gDvEGHSYg6EGXv7yXJxmv2q5Gpsk llOX2ucCrs6KXoON/DNiPc9hbxFNCrlGx6T3DV+pKOhyVFNuIFK+C+KI9O9/TYqI VXUVojGYImTZRQrtmoipBZlvR8EK7rm0DjiJzW4iSUIOAc+pjJVIzRC45WikGv4P wNrcWtZxFVZJci0aw/FI7xUO40NR68xYRAZhNH8QVvcjVPMyvX4dGggAlo0lycTV L8OP/DGkStJNj8AoIWi0WMYwUHKe3tKRlcnnI8PrS1aiXZ0AnYGcpONsC1Fp7aae Mzjy4xy3lk3R8Vtje0tyqRUa9/k/P93s2JszNjNyhrQL+4dNrrMzutKl3L2qshvT QDCMEZi3tDXg7bXH1mx75eggsl+7CIf6kXAvrmy0AorwxzNdDNJ2/DQEnRiXbu5m /oMLRh5WdqXj0n/ynxAwKMS8364Q3muI4G0sevc87nE8LnpHTUN0HmvTxQzgf/4+ RwDM3X2PFNfmICwkfonimWW5VQu96aHvo8N2qFlCi8dHJxlhrG1+a3EkmG3EN6ys z66gpjH81Xtwtw== =HLQS -----END PGP SIGNATURE-----
Mitch Thompson
On Friday 21 March 2003 02:39, John Pettigrew wrote:
Perhaps you could sign messages using PGP/MIME for those who support it - it would then not annoy people reading the text part because it would be in a separate part?
I will look into it, especially if it will promote peace and harmony here.
FWIW, my Mutt setup doesn't show your sig (which is normal). The message looks like: ========================================================================== [-- BEGIN PGP SIGNED MESSAGE --] On Friday 21 March 2003 02:39, John Pettigrew wrote:
Perhaps you could sign messages using PGP/MIME for those who support it -
[...] "There are 10 kinds of people in the world: those who understand binary, and those who don't." [-- END PGP SIGNED MESSAGE --] ========================================================================= Apparently, the reason it looks as it should is because my .procmailrc inserts the proper headers: =====================> .promailrc <========================= [...] ## PGP ## :0 * !^Content-Type: message/ * !^Content-Type: multipart/ * !^Content-Type: application/pgp { :0 fBwh * ^-----BEGIN PGP MESSAGE----- * ^-----END PGP MESSAGE----- | formail \ -i "Content-Type: application/pgp; format=text; x-action=encrypt" :0 fBwh * ^-----BEGIN PGP SIGNED MESSAGE----- * ^-----BEGIN PGP SIGNATURE----- * ^-----END PGP SIGNATURE----- | formail \ -i "Content-Type: application/pgp; format=text; x-action=sign" } [...] =========================================================== However, PGP 6.58 fails to verify your sig. Anyone been able to get a good sig report on Mitch's sigs? (yes, Mitch's public key is on my keyring). I second John's suggestion to sign messages using PGP/MIME. Sigs that don't verify are not of much use. -rex -- Thoughtcrime was not a thing that could be concealed forever. You might dodge successfully for a while, even for years, but sooner or later they were bound to get you." -- George Orwell, 1984
Patrick Shanahan
This discorse *should* *probably* be moved to suse-kde ??
It's not a SuSE or KDE issue, it's about PGP/GPG and various MUAs. I suggest either leaving the thread here (with [OT] in the subject) or moving it to: http://www.cryptorights.org/lists/pgp-users/ -rex -- Why did the mathematician name his dog Cauchy? Because he left residue at every pole.
On Friday 21 March 2003 13:13, rex wrote:
However, PGP 6.58 fails to verify your sig.
Anyone been able to get a good sig report on Mitch's sigs? (yes, Mitch's public key is on my keyring).
I second John's suggestion to sign messages using PGP/MIME. Sigs that don't verify are not of much use.
When I see a message signed by me in KMail, I get this (indented by me for clarity): Message was signed by James M. THompson (Key ID: 0xB0AF66AE). The signature is valid, but the key is untrusted. -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." I occasionally get emails stating they cannot verify my key. When I created my key, I created a 2048-bit key (yah, way overboard, I know). Also, it is a key type of "ElGamal". It was created 2 years ago, today (what a coincidence). Could the key type be the cause of the problem? I forget why I chose ElGamal versus DSA. Now, I need to go read up on problems with ElGamal versus DSA. End of signed message -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import -- "There are 10 kinds of people in the world: those who understand binary, and those who don't."
* Mitch Thompson
When I see a message signed by me in KMail, I get this (indented by me for clarity):
Message was signed by James M. THompson (Key ID: 0xB0AF66AE). The signature is valid, but the key is untrusted.
-- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import -- "There are 10 kinds of people in the world: those who understand binary, and those who don't."
I occasionally get emails stating they cannot verify my key.
When I created my key, I created a 2048-bit key (yah, way overboard, I know).
Also, it is a key type of "ElGamal". It was created 2 years ago, today (what a coincidence).
Could the key type be the cause of the problem? I forget why I chose ElGamal versus DSA. Now, I need to go read up on problems with ElGamal versus DSA.
[to me in mutt] your sig looked as below, but the current post was respectable, tks: - -- Mitch Thompson, San Antonio TX // WB5UZG Red Hat Certified Engineer (RHCE) http://home.satx.rr.com/mlthompson Independent Amsoil Dealer http://amsdealer.webhop.biz GPG: BBDA 3A2A 4483 BD0D 7CED B8A9 D183 C8F6 B0AF 66AE wget -O - http://home.satx.rr.com/mlthompson/pubkey.gpg | gpg --import - -- "There are 10 kinds of people in the world: those who understand binary, and those who don't." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iQIXAwUBPnshcdGDyPawr2auFALLYQf+KpCPX3FsWO9ioOWED1Sr36M3r0WtK9GS u9RJvrFOAQItOmjSjRTs+jeYQtaU3puK+kJVUlAiNjs0Kv2Kcl7s3+1YPyMQko51 3Sxd28rLagnyKlHsK7zZkyiytNiuS82tlZ90gDvEGHSYg6EGXv7yXJxmv2q5Gpsk llOX2ucCrs6KXoON/DNiPc9hbxFNCrlGx6T3DV+pKOhyVFNuIFK+C+KI9O9/TYqI VXUVojGYImTZRQrtmoipBZlvR8EK7rm0DjiJzW4iSUIOAc+pjJVIzRC45WikGv4P wNrcWtZxFVZJci0aw/FI7xUO40NR68xYRAZhNH8QVvcjVPMyvX4dGggAlo0lycTV L8OP/DGkStJNj8AoIWi0WMYwUHKe3tKRlcnnI8PrS1aiXZ0AnYGcpONsC1Fp7aae Mzjy4xy3lk3R8Vtje0tyqRUa9/k/P93s2JszNjNyhrQL+4dNrrMzutKl3L2qshvT QDCMEZi3tDXg7bXH1mx75eggsl+7CIf6kXAvrmy0AorwxzNdDNJ2/DQEnRiXbu5m /oMLRh5WdqXj0n/ynxAwKMS8364Q3muI4G0sevc87nE8LnpHTUN0HmvTxQzgf/4+ RwDM3X2PFNfmICwkfonimWW5VQu96aHvo8N2qFlCi8dHJxlhrG1+a3EkmG3EN6ys z66gpjH81Xtwtw== =HLQS -----END PGP SIGNATURE----- -- Patrick Shanahan Please avoid TOFU and trim >quotes< http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org Linux, a continuous *learning* experience
On Fri, 21 Mar 2003, rex just had to get this off his chest:
Mitch Thompson
[2003-03-21 08:38]: On Friday 21 March 2003 02:39, John Pettigrew wrote:
Perhaps you could sign messages using PGP/MIME for those who support it - it would then not annoy people reading the text part because it would be in a separate part?
I will look into it, especially if it will promote peace and harmony here.
FWIW, my Mutt setup doesn't show your sig (which is normal). The message looks like:
========================================================================== [-- BEGIN PGP SIGNED MESSAGE --]
On Friday 21 March 2003 02:39, John Pettigrew wrote:
Here it looks like:
Message-Id: <200303210828.02136.mitchthompson@satx.rr.com>
Subject: Re: [SLE] pgp/gpg signatures & security (was 8.2 Announced)
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by maildrop5.xs4all.nl id h2LEcD2n081783
X-Spam-Status: No, hits=-6.5 required=5.0 tests=IN_REP_TO,PGP_SIGNATURE version=2.20
X-Spam-Level:
Content-Type: application/pgp; format=text; x-action=sign
[-- PGP output follows (current time: Sat 22 Mar 2003 01:06:33 AM CET) --]
gpg: Signature made Fri Mar 21 15:28:01 2003 CET using ELG key ID B0AF66AE
gpg: Good signature from "James M. THompson
However, PGP 6.58 fails to verify your sig.
gpg-1.2.1-1 has no problem
Anyone been able to get a good sig report on Mitch's sigs? (yes, Mitch's public key is on my keyring).
As you see.
I second John's suggestion to sign messages using PGP/MIME. Sigs that don't verify are not of much use.
Using MIME is definitly better than the "old" way of dumping all of it in the body as text. -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
The 03.03.21 at 18:18, Patrick Shanahan wrote:
[to me in mutt] your sig looked as below, but the current post was respectable, tks:
I can not check your signature with Pine; gpg complains of "detacched signature": |Detached signature. |>Please enter name of data file: p |>gpg: Signature made Fri 21 Mar 2003 03:28:01 PM CET using ELG key ID B0AF66AE |>gpg: Can't check signature: public key not found The file contains a begin/end PGP signature block. With mozilla, it asks for _my_ passphrase (I can't understand why?) and then shows the message with the broken pen icon. -- Cheers, Carlos Robinson
The 03.03.21 at 11:13, rex wrote:
Anyone been able to get a good sig report on Mitch's sigs? (yes, Mitch's public key is on my keyring).
Yes, I do with pine (and pgp4pine). I don't have his key on my keyring, so what get is the id. With mozilla, I get the broken pen icon, and I can see the PGP full text signature on the mail (ie, not filtered out). -- Cheers, Carlos Robinson
Carlos E. R.
The 03.03.21 at 11:13, rex wrote:
Anyone been able to get a good sig report on Mitch's sigs? (yes, Mitch's public key is on my keyring).
Yes, I do with pine (and pgp4pine). I don't have his key on my keyring, so what get is the id.
With mozilla, I get the broken pen icon, and I can see the PGP full text signature on the mail (ie, not filtered out).
Thanks for the report, but you need his public key on your keyring to be sure that the sig would verify the message. -rex
In a previous message, Theo v. Werkhoven wrote:
On Friday 21 March 2003 02:39, John Pettigrew wrote: [..]
However, PGP 6.58 fails to verify your sig.
gpg-1.2.1-1 has no problem
For the record, that wasn't me! John -- John Pettigrew Headstrong Games john@headstrong-games.co.uk Fun : Strategy : Price http://www.headstrong-games.co.uk/ Board games that won't break the bank Knossos: escape the ever-changing labyrinth before the Minotaur catches you!
On Sat, 22 Mar 2003, John just had to get this off his chest:
In a previous message, Theo v. Werkhoven wrote:
On Friday 21 March 2003 02:39, John Pettigrew wrote: [..]
However, PGP 6.58 fails to verify your sig.
gpg-1.2.1-1 has no problem
For the record, that wasn't me!
I never said it was. I reacted to Rex who commented on Mitch, commenting on your comments ;-) So the last bit ("However, PGP 6.58 fails to verify your sig.") was Rex's. Cheers, Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
Theo v. Werkhoven
So the last bit ("However, PGP 6.58 fails to verify your sig.") was Rex's.
Theo, I'm getting a bad sig message from PGP:
[-- PGP output follows (current time: Sat 22 Mar 2003 12:15:03 PM PST) --]
WARNING: Bad signature, doesn't match file contents!
Bad signature from user "Theo v. Werkhoven (Usenet and personal mail)
On Sat, 22 Mar 2003, rex just had to get this off his chest:
Theo v. Werkhoven
[2003-03-22 09:31]: So the last bit ("However, PGP 6.58 fails to verify your sig.") was Rex's.
Theo, I'm getting a bad sig message from PGP:
[-- PGP output follows (current time: Sat 22 Mar 2003 12:15:03 PM PST) --] WARNING: Bad signature, doesn't match file contents!
Bad signature from user "Theo v. Werkhoven (Usenet and personal mail)
". Pretty Good Privacy(tm) Version 6.5.8 [...] [-- End of PGP output --]
It is strange, yes. Today I asked some people on IRC to check my GPG sig. One person had no problem verifiying the sig (ihe is using Mutt 1.4i and GPG 1.2.1), the other person said my sig wasn't valid according to his setup (he is using Mutt 1.3.27 and GPG 1.0.6).
I emailed you about it (your key shows as expired in PGP), but your ISP is blocking mail from dialup IP ranges:
They're not, I am.
Error 571: ACCESS DENIED by Wirehub! Internet DynaBlock a.k.a. Dynamic IP range listed by Wirehub! Internet DynaBlock (Nederlands)
The only dynamically assigned IP addresses (esp. dynamically assigned dial-up connections) our mail servers want to talk to are our own. Plain and simple. You're not accused of being a spammer, but the fact is that spammers prefer to use dial-up connections to send unwanted e-mail. If you feel victimized by this, you're a victim of the spamming industry, just like we are.
This makes about as much sense as not allowing anyone on a bus who pays cash because a few people who pay cash cause problems.
In: MAIL From:
It's quite disappointing to see that signing/encryption failures are so common after public key encryption has been in use for so long (I started using PGP in 1994 and used another public-key encryption program before that). It's bad enough when the parties can communicate openly, but it's much worse when remailers and pseudonyms are used.
I coudn't agree more. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
The 03.03.21 at 19:54, rex wrote:
Thanks for the report, but you need his public key on your keyring to be sure that the sig would verify the message.
Of course, I know! I was only saying that Pine detected and processed the signature: unless this work, having the public key is useless. The things is, that some people pgp signatures are not even detected as such by the mail client program (in my case, pine or mozilla). Mozilla then offers to download the keys, but it fails. I understand that some people specify on the signature itself where to download the public key (I can not see that text unless I look at the source), but anyway, mozilla fails to honor that link - maybe on purpose :-? -- Cheers, Carlos Robinson
Theo v. Werkhoven
It is strange, yes. Today I asked some people on IRC to check my GPG sig. One person had no problem verifiying the sig (ihe is using Mutt 1.4i and GPG 1.2.1), the other person said my sig wasn't valid according to his setup (he is using Mutt 1.3.27 and GPG 1.0.6).
Any ideas on what the problem is? I've looked at the raw (well, not quite, because all messages go through procmail) message in /var/mail/rex with the same result.
but your ISP is blocking mail from dialup IP ranges:
They're not, I am.
Good, you have a choice.
I'm sorry you're on the "wrong" end of the stick, but it is your choice to use a mail-setup that is a known source of spam. Please read the rest of the advice:
[advice that was previously read snipped] You're obviously a knowledgeable user and I don't expect that anything I can say will alter your position. Nevertheless, for others who may be reading the thread: your argument is similar to a shopkeeper barring blacks from his shop because blacks indisputably (in the USA, at least) commit crimes at a higher rate than other racial groups, never mind that in spite of the higher rate, the percentage of blacks who are criminals is small. IOW, your policy of blocking dialup IPs punishes a largely innocent group for the infractions of a few. It also hurts you because people you may want to get mail from cannot get through (yes, I know how to use my ISP as a smart host, but my choice is to run my own mail server (sendmail) and bypass my ISP. Those who have been following the evisceration of the Bill of Rights in the USA may understand why.)
It's quite disappointing to see that signing/encryption failures are so common after public key encryption has been in use for so long
I coudn't agree more.
It's tragic. By now, strong encryption that works transparently should be built into every MUA. There shouldn't be any interoperability issues, yet they are the norm rather than the exception. The price is that people who may desperately need help, but cannot risk to posting openly, often don't get help. Teens with sexual identity confusion, people who are HIV+, and potential whistle-blowers come immediately to mind. The world would be a better place if these people could post using a secure pseudonym. It's presently possible, but the hurdles deter all but the very technically adept. -rex -- "To announce that there must be no criticism of the president, or that we are to stand by the president right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public." - Theodore Roosevelt (1918)
On Sat, 22 Mar 2003, rex just had to get this off his chest:
Theo v. Werkhoven
[2003-03-22 14:58]: It is strange, yes. Today I asked some people on IRC to check my GPG sig. One person had no problem verifiying the sig (ihe is using Mutt 1.4i and GPG 1.2.1), the other person said my sig wasn't valid according to his setup (he is using Mutt 1.3.27 and GPG 1.0.6).
Any ideas on what the problem is? I've looked at the raw (well, not quite, because all messages go through procmail) message in /var/mail/rex with the same result.
Not a clue. Maybe a MUA's problem dealing with MIME, or quoted printable messages? The FAQ on gnupg.org only mentions incompatibilities between old versions of GPG and PGP.
but your ISP is blocking mail from dialup IP ranges:
They're not, I am.
Good, you have a choice.
I'm sorry you're on the "wrong" end of the stick, but it is your choice to use a mail-setup that is a known source of spam. Please read the rest of the advice:
[advice that was previously read snipped]
You're obviously a knowledgeable user and I don't expect that anything I can say will alter your position. Nevertheless, for others who may be reading the thread: your argument is similar to a shopkeeper barring blacks from his shop because blacks indisputably (in the USA, at least) commit crimes at a higher rate than other racial groups, never mind that in spite of the higher rate, the percentage of blacks who are criminals is small. IOW, your policy
Wrong analogy. The dynablock doesn't discriminate between ISP's, countries, etnics groups etc., it just says that dialup users should use another way to deliver the mail then directly.
of blocking dialup IPs punishes a largely innocent group for the infractions of a few. It also hurts you because people you may want to get mail from cannot get through (yes, I know how to use my ISP as a smart host, but my choice is to run my own mail server (sendmail) and bypass my ISP. Those who have been following the evisceration of the Bill of Rights in the USA may understand why.)
This dynablock rule is hardly ever triggered by mail I receive, and in fact yours was the very first "false-positive". I seriously doubt that there are many people who wish (let alone known how) to run their own MTA on a dail-up line. I'll consider disabling the rule, to see if many more spam appear in my Junkmail box after SA dealt with it. As for your political situation.. You get to vote again in a couple of years right? Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
Theo v. Werkhoven
On Sat, 22 Mar 2003, rex just had to get this off his chest:
Any ideas on what the problem is? I've looked at the raw (well, not quite, because all messages go through procmail) message in /var/mail/rex with the same result.
Not a clue. Maybe a MUA's problem dealing with MIME, or quoted printable messages? The FAQ on gnupg.org only mentions incompatibilities between old versions of GPG and PGP.
I'm running Mutt 1.4i. As I expect you know, Mutt is among the best in MIME compliance and there is no problem checking sigs on messages that I send to myself.
your argument is similar to a shopkeeper barring blacks from his shop because blacks indisputably (in the USA, at least) commit crimes at a higher rate than other racial groups, never mind that in spite of the higher rate, the percentage of blacks who are criminals is small.
Wrong analogy. The dynablock doesn't discriminate between ISP's, countries, etnics groups etc., it just says that dialup users should use another way to deliver the mail then directly.
Not wrong: dynablock discriminates against dialup users, even though the majority of dialup users are not spammers.
I'll consider disabling the rule, to see if many more spam appear in my Junkmail box after SA dealt with it.
Excellent! Please let me know the results. If it results in a large increase in the spam messages I may alter my position, which is: when a spammer is identified, invite your 300#+ cousin who enjoys inflicting pain to visit the spammer. If s/he doesn't get the message and quit, disappearance is called for; after all, there are many hungry scavenger animals that need to eat.
As for your political situation.. You get to vote again in a couple of years right?
The person responsible for the current war of aggression LOST the last election by ~half a million votes. If votes were not illegally excluded, he -- the (allegedly) reformed coke snorter -- would also have lost the Electoral College vote. The next USA election depends critically upon the accuracy of the vote tabulation, but unfortunately this depends upon the unauditable accuracy of the vote machines controlled by Chuck Hagel. Anyone interested should try Google with the search string: voting+machines chuck+hagel -rex -- The fact is that the average man's love of liberty is nine-tenths imaginary, exactly like his love of sense, justice and truth. He is not actually happy when free; he is uncomfortable, a bit alarmed, and intolerably lonely. Liberty is not a thing for the great masses of men. It is the exclusive possession of a small and disreputable minority, like knowledge, courage and honor. It takes a special sort of man to understand and enjoy liberty---and he is usually an outlaw in democratic societies. -- H.L. Mencken, Baltimore Evening Sun, Feb. 12, 1923
The 03.03.23 at 01:32, Theo v. Werkhoven wrote:
shop because blacks indisputably (in the USA, at least) commit crimes at a higher rate than other racial groups, never mind that in spite of the higher rate, the percentage of blacks who are criminals is small. IOW, your policy
Wrong analogy. The dynablock doesn't discriminate between ISP's, countries, etnics groups etc., it just says that dialup users should use another way to deliver the mail then directly.
We can't. I have a few different mail accounts, from different ISPs. The smtp host of any of them rejects mail with the "from" of another provider - correctly, of course -. The only way left for us is to use our local sendmail or postfix to handle the delivery. If you are going to say that I could set up different relay host depending on the "from", it wouldn't work the moment the provider notices the IP is from the "other" provider. Instead, you could check whether the "from" domain is real, or use white lists. Or spamassasin, that seems to catch most of the spam. -- Cheers, Carlos Robinson
On Sun, 23 Mar 2003, Carlos just had to get this off his chest:
The 03.03.23 at 01:32, Theo v. Werkhoven wrote:
shop because blacks indisputably (in the USA, at least) commit crimes at a higher rate than other racial groups, never mind that in spite of the higher rate, the percentage of blacks who are criminals is small. IOW, your policy
Wrong analogy. The dynablock doesn't discriminate between ISP's, countries, etnics groups etc., it just says that dialup users should use another way to deliver the mail then directly.
We can't.
I have a few different mail accounts, from different ISPs. The smtp host of any of them rejects mail with the "from" of another provider - correctly, of course -. The only way left for us is to use our local sendmail or postfix to handle the delivery.
If you are going to say that I could set up different relay host depending on the "from", it wouldn't work the moment the provider notices the IP is from the "other" provider.
There is such a thing as pop-before-smtp, which normally allows you to use an ISPs mail server as long as you supply your authentication by popping first.
Instead, you could check whether the "from" domain is real, or use white lists.
Or spamassasin, that seems to catch most of the spam.
I'm already using just about every measure you can think of, dynablocking is/was (I disabled it to test) just one link in the chain. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
The 03.03.23 at 14:46, Theo v. Werkhoven wrote:
I have a few different mail accounts, from different ISPs. The smtp host of any of them rejects mail with the "from" of another provider - correctly, of course -. The only way left for us is to use our local sendmail or postfix to handle the delivery.
If you are going to say that I could set up different relay host depending on the "from", it wouldn't work the moment the provider notices the IP is from the "other" provider.
There is such a thing as pop-before-smtp, which normally allows you to use an ISPs mail server as long as you supply your authentication by popping first.
Yes... suppossing that my ISPs use it, and that it would be possible to coordinate fetchmail and postfix, which I think it's not possible. At least one of my provider requires password; and I would have to configure postfix to somehow send each mail to a different relay depending on the from. One more reason not use the ISPs' relay: often they fail to send, and don't inform me. Ie, they fail silently. Mass ISP are not... let's say, very "helpfull". For example, they do not respond to email enquiries, I have to phone a 906 number (something less than 1 eur per minute) if I have a problem.
Instead, you could check whether the "from" domain is real, or use white lists.
Or spamassasin, that seems to catch most of the spam.
I'm already using just about every measure you can think of, dynablocking is/was (I disabled it to test) just one link in the chain.
I can very well understand that... -- Cheers, Carlos Robinson
participants (34)
-
ABHIJIT NAIK
-
Anders Johansson
-
Anders Karlsson
-
Ben Rosenberg
-
Bryan Tyson
-
Carlos E. R.
-
Christopher Mahmood
-
Curtis Rey
-
Dave Smith
-
David Benfell
-
David Herman
-
fsanta
-
Jack Malone
-
John
-
John LeMay
-
John Pettigrew
-
Johnny Ernst Nielsen
-
Kelly L. Fulks
-
Lester Caine
-
Marshall Heartley
-
Matt
-
Mitch Thompson
-
Nick LeRoy
-
Patrick Shanahan
-
Peter B Van Campen
-
PL O'Smith
-
rex
-
Schulz Georges
-
sjb
-
Stuart Powell
-
Terence McCarthy
-
Theo v. Werkhoven
-
Tom Emerson
-
zentara