Decryption using GPGServices shows the same text twice
This comment was split from the discussion: Sending key failed. Send keys failed! Code = 0
looks like the governments of the world don't want us having private conversations...
sigh.
btw - I'm trying out the 'Services' additions that let you encrypt and decrypt text from SimpleText etc....
pretty cool! -- except why does the decryption cause the text to come back doubled?
cheers
Tj
Support Staff 1 Posted by Luke Le on 16 Aug, 2012 04:54 PM
That's a known issue.
Have you downloaded the latest nightly already?
If not, please do so. It should fix a bunch of bugs related to GPGServices.
You can get it from https://nightly.gpgtools.org
2 Posted by TJ Marbois on 16 Aug, 2012 04:59 PM
done!
aha - nice new pop down with S/MIME or OpenPGP!
will this SMIME work with iOS then?
cool stuff - thanks again.
cheers
Tj
Support Staff 3 Posted by Luke Le on 16 Aug, 2012 05:00 PM
It will, but you need to correctly set up the S/MIME certificate on your Mac and on your iOS device.
Glad you like it :)
4 Posted by TJ Marbois on 16 Aug, 2012 09:34 PM
Luke
I got it all working, including with S/MIME! Thank you! It's awesome... now I can choose either PGP or S/MIME! wow!
I have a question for you (if you have the time to answer - if not it's ok too)
With the S/MIME -- instead of going to a Certificate Authority -- I thought why am I using a 3rd party that I must PAY?? or even just give them all my info???
I'm the one I trust... why can I not make my own certificates?? Then I saw the ability to make a Certificate Authority through Keychain Access... and I did it - and successfully got those keys into my iPad and working on my Mac after some fiddling...
Is there any real reason why being your own authority is bad?? If I'm dealing with emails between trusted people that I already know... why do we need to submit to a 3rd party??
And why is this information so difficult to find out about? I'm only asking you after hours of searching and reading and trying to comprehend it all....
I keep thinking -- no one has more authority over my security than MYSELF??
Is it ok to use your own self-signed certificates for email?
cheers
TJ
Support Staff 5 Posted by Luke Le on 16 Aug, 2012 10:09 PM
Now, let me start by stating that I'm certainly no expert on S/MIME SSL certificates, but the basic idea behind the authorities is that they verify and ensure that you are who you say you are.
Let's look at this scenario:
I create a self-signed certificate just as you did and I use your name and your email address.
Now instead of you, I send signed mail to your clients. They see the message is signed, it's matching the sender's email address ('cause I can easily fake that).
They match the sender's name, since it's no rocket science to find out someone's name.
How would they be able to know that I'm not you?
That's where the authorities come into play. Based on the level of SSL certificate you need, you have to send them proper verification: at the least a passport with a photo, most of the time a phone bill and a lot of different information all containing your name, address and phone number.
I'm not entirely sure what the highest level requires, but what they do is basically verify that the information you give them is correct and that you are who you say you are.
Only if everything checks out do you get a certificate for your email address.
The fact alone that you only get a certificate if you can verify the email address makes it a little harder for me to pose as you, since I'd have to hack your mail account first.
In addition, your clients checking the certificate now see that a third-party authority has granted you this certificate, and they can assume that you've been verified.
That said, a lot of SSL certificate authorities have already been compromised, so SSL is no longer as secure.
If after this explanation you now want a real certificate, you can get one for free at startssl.com
They only charge you if they have to put more effort in than usual to verify your information. But based on previous experience I can tell you, that it is in fact free.
Hope that gives you a better idea of what signed certificates issued by an authority are about
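The scenario in the post above, as an added example in Go that is not part of the original thread or of GPGTools: two self-signed certificates carrying the same name and address are indistinguishable by those fields, and only a fingerprint compared out of band tells them apart. The identity `Alice Example <alice@example.org>` is constructed, and fingerprint pinning is an assumption about how a small group of known correspondents would check each other's certificates.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// selfSigned builds a certificate signed with its own key for any name and address.
func selfSigned(name, email string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:   big.NewInt(1),
		Subject:        pkix.Name{CommonName: name},
		EmailAddresses: []string{email},
		NotBefore:      time.Now().Add(-time.Hour),
		NotAfter:       time.Now().AddDate(1, 0, 0),
		ExtKeyUsage:    []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// fingerprint is the SHA-256 of the DER encoding, the value to compare out of band.
func fingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return hex.EncodeToString(sum[:])
}

// trusted accepts a certificate only if it matches the pinned fingerprint.
func trusted(c *x509.Certificate, pinned string) bool { return fingerprint(c) == pinned }

func main() {
	a, _ := selfSigned("Alice Example", "alice@example.org") // constructed identity
	b, _ := selfSigned("Alice Example", "alice@example.org") // same fields, new key
	fmt.Println(a.Subject.String() == b.Subject.String(), trusted(a, fingerprint(a)), trusted(b, fingerprint(a)))
}
```

The printed values show matching subjects, the pinned certificate accepted, and the lookalike rejected.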
6 Posted by TJ Marbois on 16 Aug, 2012 10:32 PM
Luke
that helps a ton... thank you for taking the time.
I understand the dangers of someone else spoofing me to people that don't know me...
but since this is just designed for communication between me... and a very select FEW individuals and family... who I know so well - that we communicate on a daily basis -- they will know to expect something from me.... and at a very specific time frame - whereby we are probably talking to each other in real time over the wire....
the chances that someone would spoof me ... I think are very low?... plus... I'm not that important anyhow... haha.
but my main concern was actually something you brought up yourself! the fact that agencies themselves who are 'called' authority.... have actually been compromised.... Comodo? and who knows how many more...
Thank you again for your info.... I'll look into the free certificate from the site you recommend!
but it also sounds like -- if I'm willing to bear the risk of being my own certificate signer... then it's up to me and probably will be ok...
:)
cheers
TJ
Support Staff 7 Posted by Luke Le on 16 Aug, 2012 10:38 PM
Hehe, I totally agree with you. If you don't have any real confidential information which absolutely shouldn't be tampered with, you actually don't need a signed certificate and a self-signed one will do just fine.
I only proposed the solution of startssl.com if you were looking for a free certificate to start with.
By the way, did the nightly solve your problem with GPGService decrypting showing the same text twice?
8 Posted by TJ Marbois on 16 Aug, 2012 10:43 PM
yup!
it sure did! just checked it....
awesome stuff.... thanks again.
:)
cheers
Tj
Support Staff 9 Posted by Luke Le on 16 Aug, 2012 10:44 PM
Splendid!
Have fun with our tools!
I'll close this discussion but feel free to open a new one if you should run into problems again :)
Luke Le closed this discussion on 16 Aug, 2012 10:44 PM.
TJ Marbois re-opened this discussion on 16 Aug, 2012 10:48 PM
10 Posted by TJ Marbois on 16 Aug, 2012 10:48 PM
Luke
thanks for your great help and kindness...
if you need some help or testing on something in the future - feel free to reach out to me! I'll gladly spin a few tests for you and report.
:)
cheers
TJ
Support Staff 11 Posted by Luke Le on 16 Aug, 2012 10:49 PM
Thanks for the offer!
I'll let you know if something arises!
Glad I could be of help.
Luke Le closed this discussion on 16 Aug, 2012 10:49 PM.