martello Posted August 15, 2006 Share Posted August 15, 2006 I have tried to delete my PGP keypair from IMP several times without any success. Each time I try to delete the key the interface will refresh correctly looking like the key was deleted, but a refresh of the PGP preference page shows the key still there. I have also tried adding a new key, which I use with GnuPG, but that seems to do nothing. Again, the webmail client says that the key was successfully imported, but it never shows up in the preference page. I would appreciate any information on how to remove the keys or help from an administrator in solving the issue. Thanks Link to comment Share on other sites More sharing options...
Wazoo Posted August 15, 2006 Share Posted August 15, 2006 I'm only jumping in as I see no one else getting involved. 1. I wasn't aware that the spamcop/cesmail e-mail servers were also acting as PGP Key-servers. 2. I'v'e just gone through both the User and Admin Horde/IMP FAQ and see nothing there about PGP keys. 3. Very few of the existing PGP Key-servers honor a 'delete' command .. and as the data is shared, those that do end up being 'refreshed' a bit later. The normal mode if a key is no longer desired is to "Revoke" that key and upload that data to the Key-servers. 4. I'm not following why you say "key-pair" in your first sentence, but then only "key" when talking about 'uploading a new key' later on .... Link to comment Share on other sites More sharing options...
martello Posted August 15, 2006 Author Share Posted August 15, 2006 Wazoo, thanks for the reply. Just to clarify, I used key and key pair interchangeably. In both cases I meant both the public and private key pairs. Unfortunately, there is very little that can be done via the IMP preferences pane for PGP. The only option given is to delete the key, which does not work (presumably due to the refresh problem you stated). I suppose I could try and import that key into GnuPG and try to revoke it from there. Not sure which key-server spamcop is using, but hopefully it will get word eventually. I will give that a shot tomorrow and post the result once I do. Link to comment Share on other sites More sharing options...
Wazoo Posted August 15, 2006 Share Posted August 15, 2006 I'm dropping a note to JT, as there doesn't seem to be any data I can find. In the interim, have you looked at Beta Test Outgoing SMTP AUTH ...???? Link to comment Share on other sites More sharing options...
Wazoo Posted August 15, 2006 Share Posted August 15, 2006 From: "Wazoo" To: "SpamCop Support - JT" Subject: PGP key sets in WebMail Date: Tue, 15 Aug 2006 02:19:38 -0500 OK, once again, I've gone through the Horde/IMP FAQ and found nothing about PGP and encryption. Have never seen the screen in question, so here goes; http://forum.spamcop.net/forums/index.php?showtopic=6857 User wants to delete an existing key-set .. says he can't. User uploads another key-set, says it is 'imported' .... but there isn't an option to 'use' that new key-set. In the interim, I suggested the new SMTP-auth mode to allow use of his own tools on his own system to handle the 'pick-a-key' issue .... can you provide an answer as to how the keys are handled on your servers .. and how the user can edit those settings/contents ...???? Search terms: PGP Pretty Good Privacy public keyring private keyring encryption Link to comment Share on other sites More sharing options...
kae Posted September 25, 2006 Share Posted September 25, 2006 I setup my PGP (Pretty Good Privacy) (that's for the search engine that can't do three letter searches) Public Keyring and ended up loading two public keys for one of my email addresses. This apparently causes a problem with Pretty Good Privacy (PGP) in the area of looking up a public key. Why it allows two identical keys to be loaded would seem to be a bug in the data integrety area....anyway.... Okay, stop laughing, yes, I'm an idiot. I didn't know what I was doing when I was loading the public keys. I've tried to remove the Public key from the Public Keyring, but I can't remove the public key because it says that it doesn't expect two entries to be returned for the email address key. It's expecting a 1-1 relationship and it gets a 1-N (where N is 2). I know that somewhere in the bowels of the webmail system there is a file that has the Public Keyring. From my futile attemps to fix it myself, I'm guessing that there isn't a way to fix this using the webmail interface (which is all I have) and that it will take some kind administrator's very valuable time to go and remove the Public Keyring file. Is there a way that I can fix this myself? Is there a way to request this from a webmail administrator and how would I do that? Is this the right place in the forum to post this request? Thanks for listening. Moderator Edit: merged this new post into an existing Topic that covers the same ground. PM sent to advise of the Move/Merge. Link to comment Share on other sites More sharing options...
Wazoo Posted September 25, 2006 Share Posted September 25, 2006 From: "Wazoo" To: "SpamCop Support" References: <008301c6c03b$2c51ce40$6401a8c0[at]msi6378> <44E27875.6020404[at]spamcop.net> Subject: Re: PGP key sets in WebMail Date: Mon, 25 Sep 2006 14:25:26 -0500 Now have a user that managed to upload two, that's right, two keys for the same address .... IMP is glad to let him/her know that a serious mistake has been made, but ... there seems to be no option available for the user to try to correct it ... going back to the earlier request/query about deleting an uploaded key(ring) ----- Original Message ----- From: "SpamCop Support" To: "Wazoo" Sent: Tuesday, August 15, 2006 8:44 PM Subject: Re: PGP key sets in WebMail > I'll take a look. > > Jeff > > GwazoO wrote: > > OK, once again, I've gone through the Horde/IMP FAQ and > > found nothing about PGP and encryption. Have never seen the > > screen in question, so here goes; > > http://forum.spamcop.net/forums/index.php?showtopic=6857 > > > > User wants to delete an existing key-set .. says he can't. > > User uploads another key-set, says it is 'imported' .... but there > > isn't an option to 'use' that new key-set. > > > > In the interim, I suggested the new SMTP-auth mode to allow > > use of his own tools on his own system to handle the 'pick-a-key' > > issue .... can you provide an answer as to how the keys are > > handled on your servers .. and how the user can edit those > > settings/contents ...???? Link to comment Share on other sites More sharing options...
kae Posted September 26, 2006 Share Posted September 26, 2006 The way to get to the Horde PGP options on Spamcop is to choose Options from the top INBOX view and then under the "Other Options" header column choose the "PGP Options". Under PGP Options there are three sections: check box options called "PGP Options", PGP Public Keyring, and the user's "PGP Public/Private Keys". Just to explain a little on my particular problem and I think this matches the other problem too. The PGP Public Keyring is per User data (ie. each spamcop Horde/IMP user that uses PGP has one). This Keyring is like a cache for any public keys that the users requires for decoding any email sent to that spamcop user. The keyring is not a PGP key server, it's just a little file/database of collected public keys that have been downloaded from the public pgp.net key servers. What happened in my situation is that when I tried to import my public keys, I only got one of them. I then imported all of them. Ooops! Now my per-user PGP Public Keyring file/database has two entries for one of the keys. Each key has an email address and an eight digit Hex Public Key ID. It's not that I have two keys with my email address: it's that I have two public keys that have the same eight digit Hex Public Key ID. IMHO, that's a bug in how keys are placed into the keyring file/database. I don't know, but my guess is that the bug is not in Horde, but in the GNUPG version on the spamcop webserver. Another wild guess on my part is that there is probably an area on the webservers where the per user data resides and the per user PGP Public Keyring file is somewhere in that per user directory structure. I'm assuming that the admins at spamcop installed gnupg just like normal and didn't do much if any re-write of the code. So, my guess is that the GnuPG data area is in a subdirectory called ".gnupg" in the per user area and the file in question is either the trustdb.gpg file or the pubring.gpg file, but I would guess that the problem is in the trustdb.gpg file and not the pubring.gpg file as the pubring.gpg file holds the generated public keys. Anyway, when I looked at the Horde CVS tree. I think the PGP stuff is in framework/Crypt/Crypt and I think the source code is in a file called pgp.php while the S/MIME stuff is in the smime.php file. I don't think this duplicate KeyID is a Horde/IMP problem (just my guess), but probably the bug is in GnuPG allowing two KeyID's to be imported. The problem with Horde is that the web interface doesn't allow for manipulation of the underlying file data which supports GnuPG. Did any of that make sense? It's probably easier to use the new SMTP-auth mode and then the PGP data will sit in the user's domain of responsibility. Unless someone at spamcop wants to field PGP Public Keyring corruption issues and do the file removal by hand. It wouldn't be a hard request. A shell scri_pt could do: cd /PerUserDataArea/User/.gnupg rm trustdb.gpg would probably do it, but unless an option is added to Horde's PGP Options page, it's a manual operation. Link to comment Share on other sites More sharing options...
Wazoo Posted September 27, 2006 Share Posted September 27, 2006 Yeah, makes sense .. I'm just baffled by the lack of data on the Horde/IMP FAQ/Wiki page(s) .... In the interim, JT replied that he could probably just delete the stuff, but of course needed 'names' .. just sent that e-mail / data, noting that both users involved used spamcop.net e-mail accounts to register here .... sorry for not getting to this earlier .... Link to comment Share on other sites More sharing options...
Wazoo Posted September 28, 2006 Share Posted September 28, 2006 Date: Wed, 27 Sep 2006 23:45:29 -0400 From: SpamCop Support To: Wazoo Subject: Re: PGP key sets in WebMail References: <008301c6c03b$2c51ce40$6401a8c0[at]msi6378> <44E27875.6020404[at]spamcop.net> <002801c6e0d8$5b6f0cc0$6401a8c0[at]msi6378> <451860F8.80009[at]spamcop.net> <006101c6e1f2$d0b38900$6401a8c0[at]msi6378> In-Reply-To: <006101c6e1f2$d0b38900$6401a8c0[at]msi6378> OK, I deleted those key sets. They should be able to upload the correct keys now. Jeff Wazoo wrote: > My fault, should have looked this up .... > > xxxxxxxx[at]spamcop.net - first user > xxxxxxxx[at]spamcop.net - second user > >> I can manually delete one or both from the database. That might be the >> best thing to do. They can just drop me a note with their username and I >> can look in there. >> >> Jeff Link to comment Share on other sites More sharing options...
kae Posted October 16, 2006 Share Posted October 16, 2006 Well, I went back and looked and saw that I still had the entry in my Public Keyring. When I tried to View or Delete, I get the error that there is more than one entry. When I try to select Details, it says invalid key. It is behaving the same as before. Like nothing changed. I guess I was totally wrong about how PGP integrates with Horde. It seemed to make so much sense that it worked that way too. That's what I get for trying to guess the workings inside the black box. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.