Re: Expanding web-of-trust with subkey

2017-03-08 Thread Werner Koch
On Thu, 16 Feb 2017 15:31, tliko...@iki.fi said:
>> please be aware that if you switch from "trust-model direct" to
>> "trust-model tofu+pgp", then your previous assignments of "trust" will
>> transform into indications of "ownertrust".
>
> That has been my assumption. Thanks for verifying.

I'll add a note to the man page.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Expanding web-of-trust with subkey

2017-02-16 Thread Teemu Likonen
Daniel Kahn Gillmor [2017-02-15 13:46:13-05] wrote:

> right, so your use of "trust-model direct" switches the meaning of the
> "trust" flag from its usual "ownertrust" semantics to be what we'd
> normally call "validity".
>
> Note also that when you mark a key itself as "trusted" in this way,
> you're asking GnuPG to treat *all* user IDs on it as valid.

> So if the keyholder updates their key at some point in the future to
> add a new User ID, your GnuPG installation is going to blindly accept
> that User ID as legitimate.

Yes. I have also considered (and used a little) local signatures for the
same use case: local-sign a key after checking it on a web page or in a
tofu-like manner. Local signatures can obviously validate only selected
user ids but so far I've concluded that signatures are too strong a
statement for not really checked "seems ok" keys. I know that there are
certification levels (like "--default-cert-level 1") but it's just
simpler to use "trust-model direct" and define the level directly.
Changing the decision later is also easier.

> please be aware that if you switch from "trust-model direct" to
> "trust-model tofu+pgp", then your previous assignments of "trust" will
> transform into indications of "ownertrust".

That has been my assumption. Thanks for verifying.

-- 
/// Teemu Likonen   - .-..    //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///




Re: Expanding web-of-trust with subkey

2017-02-15 Thread Daniel Kahn Gillmor
On Wed 2017-02-15 11:54:51 -0500, Teemu Likonen wrote:
> That makes things very simple, in a way. I use "trust-model direct" and
> do some checking in web pages or check consistent use of signatures. If
> the key seems ok I'll "--edit-key", type "trust" and assign marginal or
> full trust for that key. That's it. And because I have no use for other
> people's signatures I also have "keyserver-options import-clean" so my
> keyring remains small.

right, so your use of "trust-model direct" switches the meaning of the
"trust" flag from its usual "ownertrust" semantics to be what we'd
normally call "validity".

Note also that when you mark a key itself as "trusted" in this way,
you're asking GnuPG to treat *all* user IDs on it as valid.

So if the keyholder updates their key at some point in the future to add
a new User ID, your GnuPG installation is going to blindly accept that
User ID as legitimate.

Please see A405E58AB3725B396ED1B85C1318EFAC5FBBDBCE as an example of
this kind of thing.  The keyholder cheekily added a new User ID "Satoshi
Nakamoto (www.bitcoin.org) " after his OpenPGP
certificate was created.  I have met the keyholder, and i do not believe
he is actually Satoshi Nakamoto ;)

> When Debian 9 is released, with GnuPG 2.1, I'll try "trust-model
> tofu+pgp" (trust on first use plus web of trust). It seems useful too.

please be aware that if you switch from "trust-model direct" to
"trust-model tofu+pgp", then your previous assignments of "trust" will
transform into indications of "ownertrust".  So someone whose OpenPGP
certificate you previously meant to indicate was valid can now certify
*other* OpenPGP certificates, and the pgp trust model will accept those
certificates as correct :(

Transitioning between trust models without overhauling the ownertrust db
is not a workflow that seems particularly well-supported, unfortunately.

   --dkg


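The ownertrust-versus-validity switch dkg describes above, as an added example that is not part of the original thread or of GnuPG's code: a small Python model of "trust-model direct" beside "trust-model pgp", run over a constructed keyring with placeholder keys U (your own ultimate key, or a local CA key of the kind Kristian describes), A and B.

```python
# Added example, not GnuPG's own code: a model of how GnuPG derives key
# validity under "trust-model pgp" (ownertrust plus certifications, with the
# default --completes-needed 1 / --marginals-needed 3) versus "trust-model
# direct", where the stored trust value is read as the validity itself.
# Simplification: only fully valid signers contribute to a key's validity.
from dataclasses import dataclass, field

COMPLETES_NEEDED = 1   # GnuPG default
MARGINALS_NEEDED = 3   # GnuPG default


@dataclass
class Key:
    fpr: str                                   # placeholder fingerprint
    trust: str = "unknown"                     # value stored in the trustdb
    certified_by: set = field(default_factory=set)  # fprs that signed this key


def validity_direct(keys):
    """trust-model direct: validity is exactly the stored trust value."""
    return {f: "full" if k.trust == "ultimate" else k.trust for f, k in keys.items()}


def validity_pgp(keys):
    """trust-model pgp: stored value is ownertrust; validity comes from certs."""
    valid = {f: "full" if k.trust == "ultimate" else "unknown" for f, k in keys.items()}
    changed = True
    while changed:                      # iterate to a fixpoint, like trustdb rounds
        changed = False
        for fpr, key in keys.items():
            if valid[fpr] == "full":
                continue
            # Only certifications made by keys that are themselves valid count.
            signers = [keys[s] for s in key.certified_by if s in keys and valid[s] == "full"]
            full = sum(s.trust in ("full", "ultimate") for s in signers)
            marg = sum(s.trust == "marginal" for s in signers)
            if full >= COMPLETES_NEEDED or marg >= MARGINALS_NEEDED:
                new = "full"
            elif full or marg:
                new = "marginal"
            else:
                new = "unknown"
            if new != valid[fpr]:
                valid[fpr], changed = new, True
    return valid


def thread_scenario():
    """Constructed keyring: U (own ultimate key or local CA) local-signed A;
    under trust-model direct A was set to 'full' to mean 'A is valid'.
    A has certified B, a key we never checked."""
    return {"U": Key("U", "ultimate"),
            "A": Key("A", "full", {"U"}),
            "B": Key("B", "unknown", {"A"})}
```

Under the direct model B stays unknown; after the switch A's "full" becomes ownertrust and B becomes fully valid through A's certification alone.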


Re: Expanding web-of-trust with subkey

2017-02-15 Thread Adam Sherman
On 2017-02-15 10:33 AM, Kristian Fiskerstrand wrote:
>> How do you do that? Is there a type of sub-key you use?
>>
> No, just a completely separated primary key with C capability, no
> subkeys and is never published anywhere, rotated regularly to issue
> lsigns for short term use

Ah, that makes sense. Thanks.

A.

-- 
Adam Sherman 





Re: Expanding web-of-trust with subkey

2017-02-15 Thread Teemu Likonen
Didrik Nordström [2017-02-14 19:02:08-08] wrote:

> How do you handle key management? Let's say you just want to send a
> signed and encrypted email once to someone who announced their pubkey
> over https? What type of trust would you assign?

I don't personally know anybody who uses gpg. Even if I meet
someone it's unlikely that signing keys will make me part of any web. So
web of trust is useless for me.

That makes things very simple, in a way. I use "trust-model direct" and
do some checking in web pages or check consistent use of signatures. If
the key seems ok I'll "--edit-key", type "trust" and assign marginal or
full trust for that key. That's it. And because I have no use for other
people's signatures I also have "keyserver-options import-clean" so my
keyring remains small.

When Debian 9 is released, with GnuPG 2.1, I'll try "trust-model
tofu+pgp" (trust on first use plus web of trust). It seems useful too.

-- 
/// Teemu Likonen   - .-..    //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///




Re: Expanding web-of-trust with subkey

2017-02-15 Thread Kristian Fiskerstrand
On 02/15/2017 03:27 PM, Adam Sherman wrote:
> On 2017-02-15 06:51 AM, Kristian Fiskerstrand wrote:
>>> Do I need access to my master key in order to expand my web of
>>> trust? This seems like quite a restriction.
>> Yes, although you can generate a local CA key to use for this purpose
>> for short term validity considerations used for local signatures.
> 
> How do you do that? Is there a type of sub-key you use?
> 

No, just a completely separated primary key with C capability, no
subkeys and is never published anywhere, rotated regularly to issue
lsigns for short term use


-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Qui audet vincit
Who dares wins





Re: Expanding web-of-trust with subkey

2017-02-15 Thread Adam Sherman
On 2017-02-15 06:51 AM, Kristian Fiskerstrand wrote:
>> Do I need access to my master key in order to expand my web of
>> trust? This seems like quite a restriction.
> Yes, although you can generate a local CA key to use for this purpose
> for short term validity considerations used for local signatures.

How do you do that? Is there a type of sub-key you use?

A.


-- 
Adam Sherman 





Re: Expanding web-of-trust with subkey

2017-02-15 Thread Peter Lebbing
On 15/02/17 13:34, Peter Lebbing wrote:
> I've written a bit about ownertrust for the keysigning party we held
> last December:

Additionally, this topic is also briefly covered in the FAQ[1], which is
an up-to-date and maintained piece of documentation. The

The GNU Privacy Handbook[2] also contains interesting information, but
it hasn't been updated for a long while. It contains some outdated stuff
that makes me hesitate to actually recommend it, but the Web of Trust is
still the same.

Peter.

[1] 
[2] 

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: Expanding web-of-trust with subkey

2017-02-15 Thread Peter Lebbing
On 15/02/17 04:02, Didrik Nordström wrote:
> I wanted to send an email to a new contact (a bug report to a software
> project) so I added the public key and assigned it "Fully trusted" (4).

In addition to Kristian's answer, let me clarify:

"Ownertrust" is your assessment of how much you want to trust
certifications *done* by this person. So if this person A signed the key
of a person B, it determines whether this makes key B valid for you. It
does not relate to the validity of the key of person A!

I've written a bit about ownertrust for the keysigning party we held
last December:



In particular, the first section is relevant.

> Does this have to do with me not having signed the key? If I assigned it
> "Ultimate trust" (5) the warning disappeared.

"Ultimate trust" is the odd one out and is generally only used for your
own keys. This makes the key valid even without a signature.

> So.. Do I need access to my master key in order to expand my web of
> trust? This seems like quite a restriction.

You could also perhaps take a look at TOFU rather than the Web of Trust.
You do need GnuPG 2.1 for that.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: Expanding web-of-trust with subkey

2017-02-15 Thread Kristian Fiskerstrand
On 02/15/2017 04:02 AM, Didrik Nordström wrote:

> 
> So.. Do I need access to my master key in order to expand my web of
> trust? This seems like quite a restriction.

Yes, although you can generate a local CA key to use for this purpose
for short term validity considerations used for local signatures.

For the visible WoT (i.e. one others can use in their determination),
having this limited is a very good thing. And it is one of the
constructs that makes it possible to rotate subkeys due to compromise
(e.g. loss of a smartcard) without needing to revoke the full primary key.

> 
> How do you handle key management? Let's say you just want to send a
> signed and encrypted email once to someone who announced their pubkey
> over https? What type of trust would you assign?

No trust; that goes to the ability to verify third parties. Local CA and
local (non-exportable) signature.

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Qui audet vincit
Who dares wins





Expanding web-of-trust with subkey

2017-02-15 Thread Didrik Nordström
Hi, I am new to using PGP in general, but fairly confident in the
cryptographic primitives and the overall concepts. I have issued a master
key on cold storage, and subkeys on my primary machine (one with encryption
and one with signing privileges).

I wanted to send an email to a new contact (a bug report to a software
project) so I added the public key and assigned it "Fully trusted" (4).

Then I ran `gpg2 -esa -r ` and gpg tells me:
*It is NOT certain that the key belongs to the person named in the user
ID.  If you *really* know what you are doing, you may answer the next
question with yes.*

Does this have to do with me not having signed the key? If I assigned it
"Ultimate trust" (5) the warning disappeared.

I tried signing the key:
*Really sign? (y/N) y*
*gpg: signing failed: No secret key*
*gpg: signing failed: No secret key*

It took me quite a while to figure out that I can't sign someone's key with
a master key. (Maybe the error message can be improved?)

So.. Do I need access to my master key in order to expand my web of trust?
This seems like quite a restriction.

How do you handle key management? Let's say you just want to send a signed
and encrypted email once to someone who announced their pubkey over https?
What type of trust would you assign?

Best, Didrik