Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > alt.privacy.anon-server > #101546 > unrolled thread

NeoMutt and yubisigning

Started byGabx <mail2news@virebent.invalid>
First post2026-05-31 00:24 +0000
Last post2026-06-04 23:21 +0000
Articles 8 — 4 participants

Back to article view | Back to alt.privacy.anon-server


Contents

  NeoMutt and yubisigning Gabx <mail2news@virebent.invalid> - 2026-05-31 00:24 +0000
    Re: NeoMutt and yubisigning Gabx <mail2news@virebent.invalid> - 2026-05-31 00:31 +0000
      Re: NeoMutt and yubisigning Anne Frank <bounce.me@n2n.oc2mx.net> - 2026-05-31 13:40 +0200
        Re: NeoMutt and yubisigning Gabx <mail2news@virebent.invalid> - 2026-05-31 17:01 +0000
          Re: NeoMutt and yubisigning Gabx <gabx@victor.virebent> - 2026-06-01 17:00 +0200
        Re: NeoMutt and yubisigning Gabx <mail2news@virebent.invalid> - 2026-06-03 00:08 +0000
          Re: NeoMutt and yubisigning Ch1ffr3punk <ch1ffr3punk@gmail.com> - 2026-06-03 06:49 +0000
            Re: NeoMutt and yubisigning Gabx <mail2news@virebent.invalid> - 2026-06-04 23:21 +0000

#101546 — NeoMutt and yubisigning

FromGabx <mail2news@virebent.invalid>
Date2026-05-31 00:24 +0000
SubjectNeoMutt and yubisigning
Message-ID<1780187093.53A6E0429C2ED219@domain.invalid>
-----BEGIN YUBISIGNER SIGNED MESSAGE-----
Hash: SHA256

Neomutt cli linux email client multi account SMTP/IMAP
Mail2News only sending account for 
 - qee4i7sags6phsvb2yodwecfj7noimfhhalsjktsvikrwotxzis3raad.onion SMTP
 - mail2news@xilb7y4kj6u6qfo45o3yk2kilfv54ffukzei3puonuqlncy7cn2afwyd.onion M2N
 - peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion NNTP 

Added Yubisigner automatic YubiKey PIV Ed25519 signatures.

I hope someone appreciates it !
Happy hacking


-- 
Gabx

Author: Gab Virebent
Signed at: 2026-05-31 00:24:22 +0000
Filename: m2n-msg.6AICjy
File size: 432 bytes
Email: gabriel1@virebent.art
Telefax: n/a
URL: www.virebent.art
Comment: Posted via NeoMutt mail2news
  RIPEMD-256: e6633abadb8514c1c7d3330e116d66fca8fd7a7e7e6d16790459acf5b5c941bd
     SHA-256: 046860f88127944ebc6f9981da051b0eaa7d02cf2c5bfabf23ef5b7512594849
         SM3: 142888d914db9f6f970998df15323340074a9291587c23054256ad2cc9eda5cd
Streebog-256: a7c2c27ad4d7a6d6ea07579bdc5cd9a3a2fb5ba373dd4900dfab3ece0f4cccfe
-----BEGIN YUBISIGNER ED25519 SIGNATURE-----
016a3022f054b794469ed0178235afd551ac9537e5c4a787ceaec8ce6bc29a8a
d17e1cf04d0ff35309af146b6c1bdf2b9d1d8060abd1f6687dcf95be7c35d680
49379ff9f862935ce0b229173cb6854e5c14cdbcec01ea12c2200b01bea3a30d
-----END YUBISIGNER ED25519 SIGNATURE-----

[toc] | [next] | [standalone]


#101547

FromGabx <mail2news@virebent.invalid>
Date2026-05-31 00:31 +0000
Message-ID<1780187462.C3D8851FD2B0128A@domain.invalid>
In reply to#101546
-----BEGIN YUBISIGNER SIGNED MESSAGE-----
Hash: SHA256

I forgot to include the repository, here it is:

https://git.virebent.art/virebent/neomutt-config

a tutte le ore ;) !

-- 
Gabx

Author: Gab Virebent
Signed at: 2026-05-31 00:30:32 +0000
Filename: m2n-msg.dxe6oE
File size: 129 bytes
Email: gabriel1@virebent.art
Telefax: n/a
URL: www.virebent.art
Comment: Posted via NeoMutt mail2news
  RIPEMD-256: d4dc463fc341b9037ac2765daa8a4ca7318e97eddcc1b59f1e852d473017d931
     SHA-256: d53158943b0b6a0617622213e14762c435091d220cb631d5b448bfb07e87d312
         SM3: 57300c2f84b1d05853e6c2ccd4afdad599ec7b930d8781e9c1e256e97109147a
Streebog-256: 3b453ea0c1a116fb65ae04ae2cd61a5d162b3e41a8ce2c09194f62de93715d15
-----BEGIN YUBISIGNER ED25519 SIGNATURE-----
016a3022f054b794469ed0178235afd551ac9537e5c4a787ceaec8ce6bc29a8a
b8b93bcfe6aa7a5442bea178f48a5faff533869cc9b733cf2b42250f2970af87
91f9e29f9a6a15e234565ad67b983bb84102c84a8b4f4e7a430b24e5ad07e309
-----END YUBISIGNER ED25519 SIGNATURE-----

[toc] | [prev] | [next] | [standalone]


#101548

FromAnne Frank <bounce.me@n2n.oc2mx.net>
Date2026-05-31 13:40 +0200
Message-ID<28fccd8affae6f592f6b@n2n.oc2mx.net>
In reply to#101547
Gabx wrote:
> 
> -----BEGIN YUBISIGNER SIGNED MESSAGE-----
> Hash: SHA256
> 
> I forgot to include the repository, here it is:
> 
> https://git.virebent.art/virebent/neomutt-config
> 
> a tutte le ore ;) !

Interesting that you use yubisigner for postings,
instead of yubicrypt.

Best regards
Stefan

-- 
-----BEGIN ED25519 SIGNATURE-----
8a5f8adfec9690b8ae6ca95dc23811463fcce5bbba0d841f49b7d3f7a89ad149
05b66788038925656076c8a67627407dbc704033b200316690845ea018bd8132
e5050ca78dfd306daa1a64c85d9b116fa22d72b6bd0c2d8849c778a58b4a8201
-----END ED25519 SIGNATURE-----

[toc] | [prev] | [next] | [standalone]


#101551

FromGabx <mail2news@virebent.invalid>
Date2026-05-31 17:01 +0000
Message-ID<1780246900.99BA8BB2DD6954BE@domain.invalid>
In reply to#101548
Interesting? 
I don't know, 

I should add verification to make it effective.
 
let's see how it goes.
-- 
Gabx

[toc] | [prev] | [next] | [standalone]


#101553

FromGabx <gabx@victor.virebent>
Date2026-06-01 17:00 +0200
Message-ID<10vk6q6$2sn0h$2@news.tcpreset.net>
In reply to#101551
Gabx wrote: 
> let's see how it goes.
Just f"""d it all up, lol

Gabx

-- 
_______________________________
https://contact.virebent.art
https://www.virebent.art
https://archives.virebent.art

[toc] | [prev] | [next] | [standalone]


#101563

FromGabx <mail2news@virebent.invalid>
Date2026-06-03 00:08 +0000
Message-ID<1780445315.1368A1573D8DF139@domain.invalid>
In reply to#101548
-----BEGIN YUBISIGNER SIGNED MESSAGE-----
Hash: SHA256

Anne Frank wrote:
> Interesting that you use yubisigner for postings,
> instead of yubicrypt.
Today I had some time to develop my response to your observation.

I think yubisigner works better purpose usenet but also emails.

Yubisigner produces cleartext signatures with explicit metadata and
four redundant independent hash algorithms, as you know.

Anyone can verify what was signed.

Usenet posts are permanent public records. 

In 20 years, a reader can verify the yubisigner signature with any Ed25519 implementation. 

Yubisigner signature is self-contained.

What do you think ?


Regards
Gabx
-- 
Gabx

Author: Gab Virebent
Signed at: 2026-06-03 00:08:20 +0000
Filename: m2n-msg.oycdI8
File size: 611 bytes
Email: gabriel1@virebent.art
Telefax: n/a
URL: https://contact.virebent.art
Comment: Posted via NeoMutt mail2news
  RIPEMD-256: 9441529cf42a7373f4ac556c1b1797fabfeefaeaffddb061b2aebd2f5b80565e
     SHA-256: a217f8d438439fb9a7a85d68edf142f6abd2fb6e0355d747a488077481713258
         SM3: b6b60579e0402685bf9a40ebdee651c8bfe18aca6498079622bcd3ce455a034a
Streebog-256: 93762a797e8cd87855a10614db7e5a20a5a7963fdd1a01be12425d994bd279d7
-----BEGIN YUBISIGNER ED25519 SIGNATURE-----
016a3022f054b794469ed0178235afd551ac9537e5c4a787ceaec8ce6bc29a8a
d44d1ae8445cfcd15725712382d8b808ad18e5f13f772543b7a8e2a7cae14211
7c359067262c96841e13885449987ccf08a73fd4e0280821f038cfbc35a43e0c
-----END YUBISIGNER ED25519 SIGNATURE-----

[toc] | [prev] | [next] | [standalone]


#101564

FromCh1ffr3punk <ch1ffr3punk@gmail.com>
Date2026-06-03 06:49 +0000
Message-ID<10voiqj$biui$1@news.tcpreset.net>
In reply to#101563
Gabx wrote:
> -----BEGIN YUBISIGNER SIGNED MESSAGE-----
> Hash: SHA256
> 
> Anne Frank wrote:
> > Interesting that you use yubisigner for postings,
> > instead of yubicrypt.
> Today I had some time to develop my response to your observation.
> 
> I think yubisigner works better purpose usenet but also emails.
> 
> Yubisigner produces cleartext signatures with explicit metadata and
> four redundant independent hash algorithms, as you know.
> 
> Anyone can verify what was signed.
> 
> Usenet posts are permanent public records. 
> 
> In 20 years, a reader can verify the yubisigner signature with any Ed25519 implementation. 
> 
> Yubisigner signature is self-contained.
> 
> What do you think ?

The idea behind yubisigner was to detach-sign files with two modes,
so that third parties can not fake content of public repositories,
as it once happened to me, when I made SHAS256 jokes about the NSA.

Additionally, the headers can't be faked, as it can be done in GnuPG
and openbsd-signify.

Regards
Stefan

-- 
https://oc2mx.net

[toc] | [prev] | [next] | [standalone]


#101608

FromGabx <mail2news@virebent.invalid>
Date2026-06-04 23:21 +0000
Message-ID<1780615260.47DBA74DBE337C19@domain.invalid>
In reply to#101564
-----BEGIN YUBISIGNER SIGNED MESSAGE-----
Hash: SHA256

Ch1ffr3punk wrote:
> The idea behind yubisigner was to detach-sign files with two modes,
> so that third parties can not fake content of public repositories,
> as it once happened to me, when I made SHAS256 jokes about the NSA.
> 
> Additionally, the headers can't be faked, as it can be done in GnuPG
> and openbsd-signify.
> 
It's for this reason i have taken seriously 
It is for this reason that I have taken posts identity and verification 
seriously, 

it could be increased with a merkle of the posts sent, 

experiments.

-- 
Gabx

Author: Gab Virebent
Signed at: 2026-06-04 23:20:49 +0000
Filename: m2n-msg.ujlWjd
File size: 539 bytes
Email: gabriel1@virebent.art
Telefax: n/a
URL: https://contact.virebent.art
Comment: Posted via NeoMutt mail2news
  RIPEMD-256: 5dbf7e246964d82bc319e11193893489c7b552be13431c30fdfefde3acf33175
     SHA-256: d11d15f76503d117d2db711f0b40f64d5e47fb66cdf5c37bd5c83abc1d4a303b
         SM3: 2f71a3cd14bd86137751b9df0a238fa036d69599f902d28b1c88714300e37f30
Streebog-256: 01fa5fc9df811b6f9640591c68e5e45ba7f5da68ec722520890c1741d5ba8f04
-----BEGIN YUBISIGNER ED25519 SIGNATURE-----
016a3022f054b794469ed0178235afd551ac9537e5c4a787ceaec8ce6bc29a8a
82b598f0e1e8301d8f021f0e905521dd862a535366493a3efe5b3033451cdd28
b2464c12aa07e65318c25329e378cfe6e7fec26aa49f871baa292274f3420906
-----END YUBISIGNER ED25519 SIGNATURE-----

[toc] | [prev] | [standalone]


Back to top | Article view | alt.privacy.anon-server


csiph-web