BALUG-Talk August 2017

balug-talk@lists.balug.org

4 participants
6 discussions

MOZILLA's GnuPG/PGP key-signing session, October 3rd
by acohen36＠sdf.org 16 Aug '17

16 Aug '17

MOZILLA's GnuPG/PGP key-signing session, October 3rd Former subject was the somewhat longer-titled '[sf-lug] [BALUG-Talk] Fwd: GnuPG / PGP key signing party October 3rd 2017' Quoting <Michael.Paoli at cal dot berkeley dot e d U>, at least from [1] and also from [2]: ~~~~~~~~~~~~~~~~~~~~~~ [DO NOT REPLY-ALL UNLESS YOU'RE SUBSCRIBED TO ALL LISTS!] NOTE ALSO THAT appears (free) "ticket" is REQUIRED to attend this event. Passing this along, as it looks like it didn't make it to at least several lists (non-member posting and/or too many recipients): ----- Forwarded message from lhirlimann at mozilla.com ----- Date: Thu, 20 Jul 2017 10:51:18 +0200 From: "Ludovic Hirlimann" <lhirlimann at mozilla.com> Subject: GnuPG / PGP key signing party October 3rd 2017 To: buug at buug.org, Michael.Paoli at cal.berkeley.edu, talk at nblug.org, balug-talk at lists.balug.org, svlug at lists.svlug.org, sf-lug at linuxmafia.com, info at eblug.org, bad at bad.debian.net, penlug-members at new.penlug.org, bale at linuxmafia.com, meyering at fb.com Hello my name is ludovic, I'm a sysadmins at mozilla working remote from europe. I'm organizing a pgp Key signing party in the Mozilla san francisco office (https://wiki.mozilla.org/People:MozSpaces_Guidelines:San_Francisco) on October the 3rd 2017 from 6PM to 8PM. ~~~~~~~~~~~~~~~~~~~~~~ Ah, so a Mozilla employee is remotely organizing a GnuGP/PGP key-signing session happening at one of the parent company's main U.S. West Coast offices. IMHO, the timing of this session is ever-so-slightly suspicious given that it's happening just over one month before the planned release date of Mozilla Firefox's extensions-busting version 57 [3]; intentionally released to cut down the browser usage percentage of Google's Chrome browser [4] as well as possibly that of the open-sourced Chromium browser [5]. One would hope that there will be _no_ data-collection and storage of participants' _personal_ information before/during/following the time of this Mozilla key-signing-only event, and well in advance of the FF57 release date...... >From what I'm seeing now, and FWIW, both the 64-bit open source Brave* browser [6] and the 32-bit open source Palemoon browser [7] will _still_ be supporting many of our most important browser extensions into the near future. *An interesting fact to note about Brave is that their Mission District HQ [8] is ~3/4 hr MUNI busride from Mozilla's SF offence [9] ear Rincon Point. Comments from announcement-forwarder Michael P, from Rick M, and from others are expected and of course welcome :-) -A References ============ [1] linuxmafia.com/pipermail/sf-lug/2017q3/012773.html [2] https://temp.balug.org/pipermail/balug-talk/2017-August/000005.html [3] https://www.cnet.com/special-reports/mozilla-firefox-fights-back-against-go… [4] https://www.google.com/chrome/browser/index.html [5] https://www.chromium.org/Home [6] https://www.brave.com [7] https://www.palemoon.org [8] https://www.brave.com/about/ [9] https://wiki.mozilla.org/People:MozSpaces_Guidelines:San_Francisco

2 1

full raw archive (mbox) files publicly available, ...
by Michael Paoli 13 Aug '17

13 Aug '17

Just so everyone is also aware, BALUG lists are publicly archived (I believe that's always been the case, and is reasonably clear on the lists' pages). Also, on the new infrastructure, the full raw archive (mbox) files are also available. They can be found on the lists' archive pages, the link on each labeled: download the full raw archive Note that the old archives aren't merged in yet, but expecting to have that completed in the near future. Also, planning to make those full raw archive mbox files available via rsync - that will also be more handy/useful/efficient, as some missing bits of the archives get filled in later (don't presume the mbox files are append-only ... though they will generally be append-mostly). Over the years, there have been multiple occasions where DreamHost.com lost some or all of our archives (at least on some of our lists). Still hoping to later reinject and restore that, from other copies we have or may be able to obtain. That also means that anyone has the ability to backup the entire raw mbox archive. :-) Making those raw mbox archives public wasn't even an option with DreamHost.com (at least through current version of MailMan, it's a global option setting, and not per-list. DreamHost.com hosted many lists from many customers, so didn't reasonably have a way to adjust that on a per-customer or per-list basis). Two most important assets of list, are the archives, and the members/roster - with those it's always possible to recreate the list if needed/warranted. Without those, not so easy to infeasible. > From: "Michael Paoli" <Michael.Paoli(a)cal.berkeley.edu> > To: BALUG-Test <balug-test(a)temp.balug.org> > Subject: BALUG-Test: full raw mbox archive publicly available > Date: Tue, 11 Jul 2017 07:34:46 -0700 > And yes, the full raw mbox archive for BALUG-Test > is publicly available: > $ curl -I https://temp.balug.org/pipermail/balug-test.mbox/balug-test.mbox > HTTP/1.1 200 OK > Date: Tue, 11 Jul 2017 14:29:02 GMT > Server: Apache/2.4.10 (Debian) > Last-Modified: Tue, 11 Jul 2017 14:23:34 GMT > ETag: "a046-5540b71d48512" > Accept-Ranges: bytes > Content-Length: 41030 > Content-Type: application/mbox > > $ > Procedure documented on: > https://www.wiki.balug.org/wiki/doku.php?id=balug:mail_and_lists > notably: > o Y full mbox archive publicly available; procedure: > add: > PUBLIC_MBOX = Yes > to file: > /etc/mailman/mm_cfg.py > restart mailman > for existing lists, toggling archive from public to private and > back again seems sufficient to then create the needed link > > Also making it available via public rsync is on the todo list, but > not towards the higher/highest priority bits. > "Not worse than" migration off of DreamHost.com is higher on the priorities. > Additional improvements generally come later.

1 0

Recommendations for email resender/"forwarder"? (infrastructure: Debian oldstable amd64, MTA exim4)
by Michael Paoli 13 Aug '17

13 Aug '17

So, ... I'm looking for recommendations. The basic context: using /etc/aliases (or equivalent) to simply and directly forward/alias email out onto The Internet at large, is in general a bad idea (particularly in the days of spam, and anti-spam, etc., among other factors). Our existing old hosting on DreamHost.com uses a fair bit of that. 8-O Need to migrate that functionality off of DreamHost.com. I'm looking for a way to make that migration that at least partially fixes the issues with such overly simplistic aliases. Notably such "aliased"/forwarded email ought be sent out with appropriate Sender: or similar header(s) (Resent-From: ?) and envelope FROM showing (re)origination from domain of the forwarding host (@balug.org or subdomain thereof). Ideally, a relatively simple near-drop-in replacement that could go into /etc/alises, that would, rather than do overly simple (and problematic) aliases such as: some-alias(a)balug.org: bob(a)example.com jane(a)example.com ... might implement something more like: some-alias(a)balug.org: "|resend bob(a)example.com jane(a)example.com" Also, for these purposes, do not want the complexity of mail lists, e.g. don't need or want subscribe/unsubscribe, archives, etc. At present @balug.org has at least 28 distinct aliases - certainly don't want to manage or have to deal with 28+ additional email lists. The target infrastructure is: Debian oldstable Debian GNU/Linux 8.9 (jessie) x86_64 MTA: exim4 (will get upgraded to stable at some point, but for the short to medium-term future or so, it's oldstable, and need to implement solution on oldstable). Thanks in advance regarding recommendations/pointers. :-)

3 6

Fwd: GnuPG / PGP key signing party October 3rd 2017
by Michael Paoli 12 Aug '17

12 Aug '17

[DO NOT REPLY-ALL UNLESS YOU'RE SUBSCRIBED TO ALL LISTS!] NOTE ALSO THAT appears (free) "ticket" is REQUIRED to attend this event. Passing this along, as it looks like it didn't make it to at least several lists (non-member posting and/or too many recipients): ----- Forwarded message from lhirlimann(a)mozilla.com ----- Date: Thu, 20 Jul 2017 10:51:18 +0200 From: "Ludovic Hirlimann" <lhirlimann(a)mozilla.com> Subject: GnuPG / PGP key signing party October 3rd 2017 To: buug(a)buug.org, Michael.Paoli(a)cal.berkeley.edu, talk(a)nblug.org, balug-talk(a)lists.balug.org, svlug(a)lists.svlug.org, sf-lug(a)linuxmafia.com, info(a)eblug.org, bad(a)bad.debian.net, penlug-members(a)new.penlug.org, bale(a)linuxmafia.com, meyering(a)fb.com Hello my name is ludovic, I'm a sysadmins at mozilla working remote from europe. I'm organizing a pgp Key signing party in the Mozilla san francisco office (https://wiki.mozilla.org/People:MozSpaces_Guidelines:San_Francisco) on October the 3rd 2017 from 6PM to 8PM. For security and assurances reasons I need to count how many people will attend. I'v setup a eventbrite for that at https://www.eventbrite.com/e/pgp-key-signing-party-in-san-francisco-tickets… <http://t.umblr.com/redirect?z=https%3A%2F%2Fwww.eventbrite.com%2Fe%2Fgnupg-…> (please take one ticket if you think about attending - If you change you mind cancel so more people can come). Also it helps for counting pizza as I'm trying to get some pizza while we chat and sign keys. I will use the eventbrite tool to send reminders and I will try to make a list with keys and fingerprint before the event to make things more manageable - if you want to be on that list please send me an eamil with key IDs so I can build it. To make the event more visible I've created a lanyrd entry at : http://lanyrd.com/2017/pgp-key-signing-party-in-san-francisco/ An upcoming event at : https://upcoming.org/event/pgp-key-signing-party-42p3iubxhi feel free to add yourselves on these, but getting a ticket is mandatory so I can manage security on siet and insurances etc .... I will advertise this on twitter and mastodon (I'm @lhirlimann and usul(a)mamot.fr), retweet and boost wanted. Ludovic ps sending this to a lot of people, to get more visibility. Feel free to pass this along to interested parties (eg I was unable to find a live BSD group) ps2 I will also contact people listed on biglumber to have more gpg related people show up. -- :Usul in #moc on irc.mozilla.org Mozilla Operation Center http://www.hirlimann.net/Ludovic/carnet/ ----- End forwarded message -----

1 0

Bit more information on the new hosting, & BALUG-Talk migration
by Michael Paoli 04 Aug '17

04 Aug '17

The BALUG-Talk list migration did go quite smoothly. Still need to migrate the list archives, but will get to that. A couple other bits one might want to be aware of on the new hosting: Also note, with the new infrastructure, notably anti-spam measures and greylisting, postings to the list may not appear quite immediately - especially if one hasn't posted to the list before or in some fair while (or notably from the same SMTP sending IP address before). So one may see an initial delay of a couple minutes up to about five minutes or so (depending upon one's sending MTA) or more. Also, while the site will generally be up, available, and on-line, it's not exactly a high-availability infrastructure - so if at any point it appears to not be available, rest assured we'll take care of it (and any postings sent earlier, will still generally still make it - may just take a bit longer in such circumstances).

1 0

BALUG-Talk list migrating!
by Michael Paoli 04 Aug '17

04 Aug '17

BALUG-Talk list migrating! This should be the last post from the list's old hosting location. The old location of the list (and its archives) should be treated as "read-only" - the "Emergency moderation" is set on the list, and no postings should be approved. Expect some email(s) once the migration has completed. You can also check back later at: http://www.balug.org/#Lists for status, links, etc.

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

BALUG-Talk August 2017