Advogato blog for weasel

22 Jan 2004

Thu, 22 Jan 2004 13:33:11 GMT

Fixed the very same bug in two OpenPGP implementations: SKS and pgpdump. Both didn't handle some subpacket types correctly. This field gives the type of a subpacket, for instance 2 is signature creation time, 3 is signature expiration time, etc. The issue was that bit 7 has a special meaning. It's not part of the number but it's a flat, saying that an implementation should be able to handle this subpacket or treat the entire signature invalid. Patched both and submitted them upstream. Now sks finally shows signature expiration times in its vindex.

20 Jan 2004

Tue, 20 Jan 2004 05:22:32 GMT

It's been a while since I last wrote an entry. In the meantime some things changed, other things didn't.

Over the last year Len (SIrabbi) and I, with the help of several other cpunks, made lots of minor fixes and feature improvements for Mixmaster, and we are close to releasing betas for the upcoming 3.0 version.

Mixminion is making steady progress too, thanks to the great work of Nick (nickm). It appears to be very stable at the moment. A few things are still missing, like the possibility to post and direct reply blocks to Usenet, but it may soon become 0.1.0 (the in theory as good as Mixmaster release).

For users to enjoy end-to-end encrypted messages in mixminion, it needs some form of PKI. Nick thinks that it's probably best to bootstrap off the existing PGP infrastructure so we need a way to read private pgp keys. pgpdump is a nice tool that dumps pgp packets, like pgp private keys. Unfortunately it doesn't dump all secret key parameters if they are encrypted with a passphrase. I intent to hack it to support decrypting encrypted packets, so we could use that.

Fabbione and I have played with packaging SKS, an OpenPGP keyserver implementation, for Debian. It looks quite good, the only missing thing is a compiler that actually builds it right now :) - ocaml had some non-free parts which were removed from the Debian ocaml package. Reimplementations and work arounds are/have been written already, so it should eventually be ready to be uploaded.

In addition to working on Mixminion, nickm and arma are also working on Tor, The Onion Router. This is a low latency anonymity network which will allow you to do very anonymous TCP. Of course I've packaged it for Debian too. Mixminion and Tor packages are currently in the NEW queue, waiting to get processed by the cab^Wftp-masters.

I've done quite some travelling in 2003, which implies I did a lot of keysigning, and it has shown. Jason Harris is running keyring analyses every other week, and my key is quite well connected. Check out http://keyserver.kjsl.com/~jharris/ka/.

While we are at PGP. The keyservers - as you probably know - store all pgp keys that were ever uploaded to the network forever. The keyservers are also more or less in sync with each other. I wonder if anybody has thought of abusing the network as a communications media. Embed your message or file in a PGP key, upload it to the keyservers, and there it is. Mirrored a dozen times all over the world, with no easy way to have it removed. And contrary to Usenet, the message doesn't expire.

26 Dec 2002

Thu, 26 Dec 2002 13:16:04 GMT

Len (SIrabbi) released Mixmaster 2.9.0 yesterday. After years of 2.9beta* releases we label this one final. Some new features for 3.0 are well underway and already in CVS. Including a sane build system and automagic key rotation.

9 Dec 2002

Mon, 9 Dec 2002 17:15:35 GMT

Wrote a small PHP/Postgres thing to keep track of my books. If you want to take a peek on to my bookshelf visit http://books.noreply.org/.

echolot 2.0 was finally released several months ago (soon after my last diary entry) and is now in Debian, as is Mixmaster which finally got a free license thanks to Lance Cotrell and Len Sassamn.

17 Sep 2002

Tue, 17 Sep 2002 03:46:08 GMT

echolot made huge progress. Currently I have release candidate 2 on the ftp server and it looks like this will become 2.0.

We also added some nice features to Mixmaster (and some boring bug fixes). Mix keys now have expiration dates and mixmaster itself generates new keys before the old ones become obsolete. Together with a good and self learning pinger (hint: echolot) a remailer can now run more or less on auto-pilot.

Of course there are also Debian packages for Echolot and Mixmaster. You can find them on http://non-us.debian.org/~weasel/archive. When the mixmaster license finally gets cleared up (Len is working with Lance) I'll upload them to the archive. Echolot is GPLed, so that's no problem.

3 Jul 2002

Wed, 3 Jul 2002 01:27:24 GMT

Worked quite a lot in echolot. If I don't get any new ideas for must-haves tonight I'll declare current cvs HEAD 2.0rc1.

21 Jun 2002

Fri, 21 Jun 2002 12:57:25 GMT

Did a sponsor upload for LinCVS, a graphical cvs frontend. Jason Friedrich took over the package but he is not a Debian Developer yet so I had to sign the package.

echolot is comming along nicely.

My palm Vx crashed some way yesterday. Had to do a hard reset. Fortuatly restoring the (not too old) backup was quite painless.

17 Jun 2002

Mon, 17 Jun 2002 17:48:48 GMT

Released a new version of keylookup. GnuPG changed some parts of its config file in 1.07 which made the update necessary for people behind proxies.

werner also uploaded it to ftp://ftp.gnupg.org/GnuPG/contrib/. Ola Lundqvist, who maintains the Debian package, expects to upload a new version of the package somewhen next month ("as soon as I get access to some real internet connection").

17 Jun 2002

Mon, 17 Jun 2002 15:15:57 GMT

Brought all my Debian packages to latest upstream version yesterday.

16 Jun 2002

Sun, 16 Jun 2002 05:29:50 GMT

Nearly a year since my last Diary entry. Nothing big changed.

My box which did mail and web services was down for 1 or 2 months at the start of the year. Email was quickly rerouted with the help of friends. UUCP still is useful. Web services where not brought operational that fast because I just didn't care.

I started a very small ISP with a few friends. Our main intention is to even more extend our knowledge of the tools involed. I hacked up some nice configuration scheme which keeps everything (configuration for Apache, Postfix, PostgreSQL, MySQL, courier-{imap,pop3}, etc.) in OpenLDAP. Authentification/NSS against LDAP is done with nss_ldap/nss_nss.

We wanted to setup some distributed network filesystem too. Coda didn't really work that well. Maybe it's just that the current 5.3.18 is broken. Perhaps we were too stupid. Who knows? Next thing to check out is OpenAFS or Intermezzo.

I started work on a pinging software for anonymous remailers: echolot. CVS is up on savannah if you're interested. ATM it already fetches keys and confs from remailers, send and receive pings. The only problems I'm facing is interoperability between GnuPG and the remailing software deployed: mixmaster and reliable.

I'm also writing a remailer daemon in Perl. It will handle both type I and type II messages when it's done. At the moment it can only build type II (aka mix) messages. I don't even have a name for it yet.

Florian Reitmeir and me developed a pretty printer or source code indenter for PHP! Since there obviosly exists no such thing on the internet we stepped forward and had a good time. The result was php indent. Don't try it if you're in a hurry or expect it to not corrupt your code. It's really slow and not properly tested.

I also updated my projects site.

For university I'm doing some interesting stuff with OpenVRML on MacOS X. The only thing I know for sure now is that openvrml lacks documentation.