Begin anonymous forwarded message:
I'm going to really prove my ignorance when it comes to all things PGP. Now that we've done the verification as to who's who, and everyone owns their own key, what does one do to sign someone else's key, or get their key signed by someone else (should they want to)?
I kind of forgot to talk about what we do after we were finished with all the hexadecimal and driver's licences. So here we go:

1. Download the public key ring from buglumber and import it.
2. For each person whose identity you are satisfied with, check the fingerprint on the downloaded keyring against the sheet of verified fingerprints.
3. If you feel like it, sign the key with yours. This is a convenient way to record the fact that you have verified the accuracy of the key.
4. If you feel like it, send the signed public key back to the person who gave it to you. This provides an additional path through the web of trust for people to trust your key, and is generally a handy thing to have.
5. If you feel like it, upload the key with your signature to one or more key servers. This is good for the same reasons that 4 is good.

Lather, rinse, repeat for all keys.
On Sat, 2005-02-05 at 14:00 +1300, David Robb wrote:
On Sat, 5 Feb 2005, Joe Abley wrote:
5. If you feel like it, upload the key with your signature to one or more key servers. This is good for the same reasons that 4 is good.
Out of curiosity, which keyservers are people using these days?
It does not really matter since they all synchronise, I generally use http://pgp.mit.edu/ since it is easy to remember. Russell
On Saturday 05 February 2005 10:06, Joe Abley wrote:
2. For each person whose identity you are satisfied with, check the fingerprint on the downloaded keyring against the sheet of verified fingerprints.
3. If you feel like it, sign the key with yours. This is a convenient way to record the fact that you have verified the accuracy of the key.
So from the key signing party we should be in the position that for anyone we have verified we are happy that the PGP key we have the fingerprint for is indeed for the person we met, but the one thing that the process hasn't done is confirm that all the email addresses listed in the key are under the control of that person. To achieve this last step here is a process (lifted from the NetBSD developers' PGP guidelines):

6. The remaining task prior to signing is to determine whether the other party has control over the e-mails given in all uids. To check this, generate a random number and send this number, encrypted with his key, to the other party. The task of the other party is to encrypt the random number and send it back, this time encrypted with your public key (the requirement for the encrypted return channel is to spoil any crypto-analysis attacks). If you're checking multiple uids for one PGP key, keep track of which random number you send to which e-mail address.

Here is an example of step 6 using gnupg (the random number is appended to a file named after the address, which is then encrypted to that uid's key):

    % cat >> moe@doe.org
    Hi Moe, please return this message to me. Please sign and encrypt it.
    Thanks, Joe
    ^D
    % dd if=/dev/urandom count=1 | md5 >> moe@doe.org
    % gpg --armor --encrypt moe@doe.org > moe@doe.org.asc

7. Once you've received his reply, decrypt it and check his signature. If that is successful, that concludes the necessary tests and you can sign his public key.

So those of you at the Key Signing party can expect to see one (or several) of these messages from me in the near future.

cheers
mark
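The following script is an added example and not part of Joe's or Mark's posts, nor of the NetBSD guidelines; it walks through Joe's steps 1 to 4 and Mark's steps 6 and 7 end to end, using two throw-away GnuPG homes to play the signer ("Joe") and the key owner ("Moe"). The names, addresses, the stand-in "party keyring" file and the nonce-tracking file are all constructed for the demonstration; it assumes GnuPG 2.1 or later on the PATH (for --quick-generate-key and --quick-sign-key). Step 5 (uploading to a keyserver) needs the network and is only shown as a comment.

```shell
#!/bin/sh
# Added example (not from the thread). Joe verifies and certifies Moe's key:
# import keyring, compare fingerprint with the verified sheet, challenge each
# uid with an encrypted nonce, check the signed reply, then sign and return.
set -eu
command -v gpg >/dev/null 2>&1 || { echo "skip: GnuPG (gpg) not installed" >&2; exit 0; }

WORK=$(mktemp -d)
JOE="$WORK/joe"; MOE="$WORK/moe"          # one keyring per party
mkdir -m 700 "$JOE" "$MOE"
trap 'gpgconf --homedir "$JOE" --kill gpg-agent; gpgconf --homedir "$MOE" --kill gpg-agent; rm -rf "$WORK"' EXIT

# Run gpg as one party: own keyring, no prompts, no passphrase. "always" trust is
# fine here because the fingerprint check below is the trust decision.
g() { _h=$1; shift; gpg --homedir "$_h" --batch --quiet --no-tty --yes \
        --pinentry-mode loopback --passphrase '' --trust-model always "$@"; }

# Primary-key fingerprint for a uid in a given home (colon output, "fpr" record).
fpr() { g "$1" --with-colons --fingerprint "$2" | awk -F: '$1=="fpr"{print $10; exit}'; }

# Constructed keys with no passphrase and no expiry, to keep the demo short.
g "$JOE" --quick-generate-key 'Joe Example <joe@doe.org>' default default never
g "$MOE" --quick-generate-key 'Moe Example <moe@doe.org>' default default never

# Steps 1-2: Joe imports the party keyring (here just Moe's export) and compares
# the imported fingerprint with the sheet (here read from Moe's own home, which
# stands in for the hex checked against a driver's licence at the party).
g "$MOE" --armor --export moe@doe.org > "$WORK/keyring.asc"
g "$JOE" --import "$WORK/keyring.asc"
SHEET_FPR=$(fpr "$MOE" moe@doe.org)
check_fingerprint() { [ "$(fpr "$JOE" moe@doe.org)" = "$SHEET_FPR" ]; }

# Step 6: a random nonce per uid, encrypted to the key; record which nonce went
# to which address so the reply can be matched against the right one.
NONCE=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
printf '%s %s\n' moe@doe.org "$NONCE" >> "$WORK/sent-nonces.txt"
printf 'Hi Moe, please sign and encrypt this back.\n%s\n' "$NONCE" \
  | g "$JOE" --armor --encrypt --recipient moe@doe.org > "$WORK/to_moe.asc"

# Moe's side: decrypt, then sign and encrypt the same text back to Joe
# (Moe needs Joe's public key for the encrypted return channel).
g "$JOE" --armor --export joe@doe.org | g "$MOE" --import
g "$MOE" --decrypt "$WORK/to_moe.asc" \
  | g "$MOE" --armor --sign --encrypt --local-user moe@doe.org \
      --recipient joe@doe.org > "$WORK/to_joe.asc"

# Step 7: Joe decrypts the reply; the signature must come from the fingerprint
# on the sheet and the text must contain the nonce sent to this address.
check_reply() {
  g "$JOE" --status-fd 1 --output "$WORK/reply.txt" --decrypt "$WORK/to_joe.asc" \
    > "$WORK/status.txt"
  grep -q "^\[GNUPG:\] VALIDSIG $SHEET_FPR " "$WORK/status.txt" || return 1
  expected=$(awk '$1=="moe@doe.org"{print $2}' "$WORK/sent-nonces.txt")
  grep -qx "$expected" "$WORK/reply.txt"
}

# Steps 3-4: certify the verified key and hand the signed copy back to Moe.
# Step 5 would be:  gpg --homedir "$JOE" --send-keys "$SHEET_FPR"
sign_and_return() {
  g "$JOE" --quick-sign-key "$SHEET_FPR" &&
  g "$JOE" --armor --export moe@doe.org > "$WORK/moe-signed.asc" &&
  g "$MOE" --import "$WORK/moe-signed.asc"
}

# Did Joe's certification arrive on Moe's copy? ("sig" records, field 5 = signer key id)
joe_sig_present() {
  joe_keyid=$(fpr "$JOE" joe@doe.org | tail -c 17)
  g "$MOE" --with-colons --list-sigs moe@doe.org \
    | awk -F: -v k="$joe_keyid" '$1=="sig" && $5==k {f=1} END {exit !f}'
}

check_fingerprint && check_reply && sign_and_return && joe_sig_present \
  && echo "fingerprint matched, uid challenge answered, key signed and returned"
```

The two things the script refuses to skip are the ones the thread is about: the fingerprint comparison (step 2) is the only link between the key and the person met at the party, and the reply check (step 7) insists on a good signature from that same fingerprint plus the exact nonce sent to that address, so a reply forwarded from somewhere else, or signed by a different key, does not count.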
On Mon, Feb 07, 2005 at 05:21:05PM +1300, Mark Davies wrote:
So from the key signing party we should be in the position that for anyone we have verified we are happy that the pgp key we have the fingerprint for is indeed for the person we met but the one thing that the process hasn't done is confirm that all the email addresses listed in the key are under the control of that person.
How would further verification of the email address increase security or trust? By providing their key, and confirming it during the key-signing, the owner is implying the email addresses listed are valid. Non-repudiation doesn't seem to be threatened by an invalid email address. Is there any MUA that requires a PGP signed email to originate from one of the user IDs listed in the public key? Nor is privacy compromised if I send a message encrypted for Alice to Bob's email address. Worst case, it will never reach the intended recipient. I'm happy to confirm my email address via these means, although I don't see enough benefit for me to verify other addresses myself. I would say, as Ewen mentioned, that sending the signed key in an encrypted message is probably best. That way we avoid cluttering the key-servers with what may be useless keys. I shall do that next time. :) Sam.
On Mon, 2005-02-07 at 22:11 +1300, Sam Sargeant wrote:
I'm happy to confirm my email address via these means, although I don't see enough benefit for me to verify other addresses myself. I would say, as Ewen mentioned, that sending the signed key in an encrypted message is probably best. That way we avoid cluttering the key-servers with what may be useless keys.
Uploading keys to the keyservers broadens the web of trust and makes it more likely that when you send me a signed message and I pick up your public key from the server it will have a signature that I trust on it. When I have gone to the trouble of fully verifying ownership of keys I always upload my signatures to the file server. When I do partial verification, for example ask the owner for the key fingerprint by email, I just locally sign the key and keep it to myself.

Russell
--
Russell Fulton, Information Security Officer, The University of Auckland, New Zealand
On Monday 07 February 2005 22:11, Sam Sargeant wrote: [Interestingly this message, and the one Sam sent 2 minutes before this, took two days to retry sending direct to me and the copies via the list never got to me at all -- Does mailman try to eliminate sending duplicates?]
How would further verification of the email address increase security or trust? By providing their key, and confirming it during the key-signing, the owner is implying the email addresses listed are valid.
The same argument could be made for the real name - why do we insist on photo ID to confirm that "some official entity" says this person is who they say they are, after all what we _know_ is that key belongs to that person we met at the key-signing.
I'm happy to confirm my email address via these means, although I don't see enough benefit for me to verify other addresses myself. I would say, as Ewen mentioned, that sending the signed key in an encrypted message is probably best. That way we avoid cluttering the key-servers with what may be useless keys. I shall do that next time. :)
Certainly when signing a single uid Ewen's approach is fine, and there would also be many situations when you have additional reasons to associate the email address with "the body you met". The process I gave merely gives one way of associating the email address and the body controlling the key if you are inclined to test it (or depending on how paranoid you feel on the day). When it comes down to it, it's your call what information you need to sign something and what level of trust you place on things signed by someone else.

cheers
mark