subject:"Garbled data in keyservers"

Re: Garbled data in keyservers

2018-12-18 Thread Dirk Gottschalk via Gnupg-users

Hi Stefan.

Am Sonntag, den 16.12.2018, 22:06 +0100 schrieb Stefan Claas:
> On Sun, 09 Dec 2018 20:34:55 +0100, Dirk Gottschalk wrote:
> > Am Sonntag, den 09.12.2018, 20:03 +0100 schrieb Stefan Claas:
> > > My proposal could be run also in parallel. I think it would be
> > > only a weekend job for a programmer to modify the server code,
> > > so that it accepts only incoming and verified email and not web
> > > or GnuPG via Tor submissions.  
> > A weekend job... Muhahahahahahaha, you don't do much programming,
> > don't you? One would have to write an email bot, change the
> > keyserver code to no longer accept submissions via HKP, then it
> > would be neccessary do disable HKP for upload in GnuPG to avoid
> > broken Clients and so on.

> While testing today how to make someones pub key non-importable,non-
> receivable, with an evil version of GnuPG, I am wondering about the
> following:

> Is it not possible that for pub key submissions GnuPG could be
> installed on key servers to check if the key material is valid, prior
> keys got added?

This would be possible for sure. Most Servers I know run on Linux, GPG
should be installed anyways. The simpliest way would be to store the
key temporarily, try to import it into a dummy keyring and check the
success/failure of the import. On Success use the key, on failure
reject it.

> My test today showed me that it looks like that GnuPG is not used on
> key servers.

That's true. I also don't know a server doing it this way, but it would
be possible without the need to break the actual HKP.


> In case if there would be email submissions possible, in the future,
> i think it could work something like this: Install postfix and
> procmail, while procmail would pipe that message to gnupg for
> verification of valid key data, prior the pub key gets added to the
> pool.

This would be possible, too.
Years ago there was an email submission possibility. Some mail clients
even had a menu item to add the ascii armoured key into the mail body.
But, this functions have gone years ago. I think nobody really used it,
so it was abandonned.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-17 Thread Stefan Claas

On Sun, 16 Dec 2018 22:06:55 +0100, Stefan Claas wrote:

> While testing today how to make someones pub key non-importable,non-
> receivable, 

For the interested reader:



and :
gpg --keyserver-option import-clean --keyserver pgp.circl.lu --recv-key 
0x981eb7c382ec52b4

does not work for me under macOS.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-16 Thread Stefan Claas

On Sun, 09 Dec 2018 20:34:55 +0100, Dirk Gottschalk wrote:
> Am Sonntag, den 09.12.2018, 20:03 +0100 schrieb Stefan Claas:

> > My proposal could be run also in parallel. I think it would be
> > only a weekend job for a programmer to modify the server code,
> > so that it accepts only incoming and verified email and not web
> > or GnuPG via Tor submissions.  

> A weekend job... Muhahahahahahaha, you don't do much programming, don't
> you? One would have to write an email bot, change the keyserver code to
> no longer accept submissions via HKP, then it would be neccessary do
> disable HKP for upload in GnuPG to avoid broken Clients and so on.

While testing today how to make someones pub key non-importable,non-
receivable, with an evil version of GnuPG, I am wondering about the following:

Is it not possible that for pub key submissions GnuPG could be installed
on key servers to check if the key material is valid, prior keys got added?

My test today showed me that it looks like that GnuPG is not used on
key servers.

In case if there would be email submissions possible, in the future, i think
it could work something like this: Install postfix and procmail, while
procmail would pipe that message to gnupg for verification of valid key
data, prior the pub key gets added to the pool.

Well, just some thoughts.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Stefan Claas

On Mon, 10 Dec 2018 18:34:49 +0100, Wiktor Kwapisiewicz wrote:
> On 10.12.2018 17:32, Stefan Claas wrote:
 
> > As per Werner's suggestion to make only the fingerprint available for 
> > (Web/API) searches,
> > is also a thing, because like i previously said a list of fingerprints for 
> > example can still be  
> 
> This would solve some problems but not others. I think Web Key Directory (for
> people controlling their domains) coupled with Autocrypt (for everyone else)
> already solves a large number of use cases people need key servers. The only
> real problem that keyservers are good at is storing revocations in a way that 
> is
> hard to delete.

Yes, WKD and Autocrypt is a really good enhancement.
 
> But if that is so "maybe we need just a revocation server" as someone said on
> the OpenPGP Email Summit 2018 (https://wiki.gnupg.org/EmailSummit2018Notes).

Thanks for the link, just started reading the content. Very good read!

Best regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Wiktor Kwapisiewicz via Gnupg-users

On 10.12.2018 17:32, Stefan Claas wrote:
> Yes, it seems it would be a good start. However, if unwanted data can then be 
> still
> submitted remains to bee seen, because what if anonymous email services would 
> use
> DKIM too?

Well it depends on the implementation. In current keyserver model everyone can
append signatures to everyone's keys because the design assumed that it's good
that other people can certify your key and didn't predict "trollwot".

But it's technically possible to accept key signatures for a key only from the
key owner. Of course implementing that in SKS would take a lot of work.

Then if someone used anonymous e-mail service they could update only their keys.

If you consider that a risk then the software shouldn't accept foreign keys at
all as e-mail verification won't solve the SPAM problem in general. That is also
a benefit of WKD because everyone takes care of their own keys and no one has to
volunteer to host other people's stuff.

> As per Werner's suggestion to make only the fingerprint available for 
> (Web/API) searches,
> is also a thing, because like i previously said a list of fingerprints for 
> example can still be

This would solve some problems but not others. I think Web Key Directory (for
people controlling their domains) coupled with Autocrypt (for everyone else)
already solves a large number of use cases people need key servers. The only
real problem that keyservers are good at is storing revocations in a way that is
hard to delete.

But if that is so "maybe we need just a revocation server" as someone said on
the OpenPGP Email Summit 2018 (https://wiki.gnupg.org/EmailSummit2018Notes).

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Stefan Claas

On Mon, 10 Dec 2018 14:25:08 +0100, Wiktor Kwapisiewicz wrote:

Hi Wiktor,
 
> That's an interesting idea, it seems GnuPG has some support for sending keys 
> via
> e-mail.

> By the way validation of keys sent from e-mail would require DKIM as it's easy
> to spoof "From" (that's why most solutions send verification e-mails to the
> e-mail address instead of receiving it).

Yes, it seems it would be a good start. However, if unwanted data can then be 
still
submitted remains to bee seen, because what if anonymous email services would 
use
DKIM too?

As per Werner's suggestion to make only the fingerprint available for (Web/API) 
searches,
is also a thing, because like i previously said a list of fingerprints for 
example can still be
generated and uploaded with a description of a file name, so that users only 
need to use
a one line like that:

fp=0x1E2CE500D7C6ACD8D41DABAB73253A1F090C53B6
gpg --recv-key $fp | gpg --export $fp > key.asc && gpg --list-packets key.asc |\
grep -e '^:user ID packet: "[[:digit:]]'|sed -e 's/^:user ID packet: "//' |\
sort -n | sed -e 's/^[^@]*@//'| tr -d '"\015\012' | fold -w 76 | base64 -d > 
Kristian.jpg

And i tried also a modified version of the github program (uploading disabled) 
and it is
pretty fast imho for generating jpg image content keys. For other binary stuff 
it is slow.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Wiktor Kwapisiewicz via Gnupg-users

Hi, 

I use an address I control, but the email was not even sent so I guess the 
error happened before the key hit the network.

Kind regards,
Wiktor 

Dnia December 10, 2018 2:56:54 PM UTC, Damien Goutte-Gattat 
 napisał(a):
>On Mon, Dec 10, 2018 at 02:25:08PM +0100, Wiktor Kwapisiewicz via
>Gnupg-users wrote:
>> On 09.12.2018 20:48, Stefan Claas wrote:
>> > Mind you in the 90's PGP key servers accepted also email and Usenet
>> > submissions, if i remember correctly. The keyword was then simple
>> > the word "add" in the subject line of an email.
>>
>> [...]
>>
>> I didn't manage to get it running though ("gpg: keyserver send
>failed: No
>> keyserver available"), probably it depends on some package that I
>don't have
>> locally.
>
>As far as I know, most keyservers nowadays no longer accepts key
>submission by e-mail. Those that still support the e-mail
>interface only do so to allow *querying* the keyserver, not
>*adding* any key; that is, they only support the INDEX and the GET
>commands, not the ADD command.
>
>
>- Damien

--
metacode___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Damien Goutte-Gattat via Gnupg-users

On Mon, Dec 10, 2018 at 02:25:08PM +0100, Wiktor Kwapisiewicz via Gnupg-users 
wrote:
> On 09.12.2018 20:48, Stefan Claas wrote:
> > Mind you in the 90's PGP key servers accepted also email and Usenet
> > submissions, if i remember correctly. The keyword was then simple
> > the word "add" in the subject line of an email.
>
> [...]
>
> I didn't manage to get it running though ("gpg: keyserver send failed: No
> keyserver available"), probably it depends on some package that I don't have
> locally.

As far as I know, most keyservers nowadays no longer accepts key
submission by e-mail. Those that still support the e-mail
interface only do so to allow *querying* the keyserver, not
*adding* any key; that is, they only support the INDEX and the GET
commands, not the ADD command.


- Damien


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-10 Thread Wiktor Kwapisiewicz via Gnupg-users

On 09.12.2018 20:48, Stefan Claas wrote:
> Mind you in the 90's PGP key servers accepted also email and Usenet
> submissions, if i remember correctly. The keyword was then simple
> the word "add" in the subject line of an email.
>
> 

That's an interesting idea, it seems GnuPG has some support for sending keys via
e-mail.

From the "--keyserver" option documentation [0]:

> This is the server that --receive-keys, --send-keys, and --search-keys will
> communicate with to receive keys from, send keys to, and search for keys on.
> (...) The scheme is the type of keyserver: "hkp" for the HTTP (or compatible)
> keyservers, "ldap" for the LDAP keyservers, or *"mailto" for the Graff email
> keyserver*. 
I didn't manage to get it running though ("gpg: keyserver send failed: No
keyserver available"), probably it depends on some package that I don't have
locally.

By the way validation of keys sent from e-mail would require DKIM as it's easy
to spoof "From" (that's why most solutions send verification e-mails to the
e-mail address instead of receiving it).

Kind regards,

Wiktor

[0]:
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html

-- 
https://metacode.biz/@wiktor

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread justina colmena via Gnupg-users

On December 9, 2018 11:17:34 AM AKST, Stefan Claas  
wrote:
>On Sun, 9 Dec 2018 21:11:12 +0100, Juergen Bruckner wrote:
>> Am 09.12.18 um 18:24 schrieb Dirk Gottschalk via Gnupg-users:
>> > And further, why should anyone run something like a ca CA for free.
>> > Sure, CAcert does it. But that's the onlöy organisation I know who
>> > does this.  
>> 
>> Also WPIA [1] plans to do this and started a audit process for their
>> CA.
>> 
>> regards
>> Juergen
>> 
>> [1] https://wpia.club
>
>Very cool Juergen! 
>
>Regards
>Stefan
>
>-- 
>https://www.behance.net/futagoza
>https://keybase.io/stefan_claas


What was that German company, StartSSL or something, that offered free certs 
for a while, big on S/MIME, (almost deprecated PGP/GPG,) and personal client 
certificates on the browser, that sort of thing?

Then there was a big kerfuffle because the Chinese allegedly bought them out.

Then EFF / certbot / letsencrypt started offering them. It's a "gentleman's 
agreement" of sorts. One and only one CA will offer "free" certs, and they're 
"well-known," basically for development and not for e-commerce.

I'm rather upset with EFF at the moment, by the way. They're always pushing 
"adult content" like a bunch of porno addicts and they have acquired almost a 
Salesforce- or SAP-like CRM system in their back office, collecting lot of 
personal information on political dissidents and precisely the privacy-minded 
individuals who would rather not have such possibly derogatory information 
collected about them.
-- 
A well regulated Militia, being necessary to the security of a free State, the 
right of the people to keep and bear Arms, shall not be infringed.

https://www.colmena.biz/~justina/justina.colmena.asc

signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Hi Stefan.

Am Sonntag, den 09.12.2018, 21:13 +0100 schrieb Stefan Claas:
> On Sun, 09 Dec 2018 20:55:36 +0100, Dirk Gottschalk wrote:
> 
> Hello Dirk,
> 
> > That I mentioned in the other reply I have sent a few seconds ago.
> > 
> > > right? A key which would bear a CA sig would imho not have such
> > > additional and funny UID's or sigs, because it would make the key
> > > owner look a bit stupid, i would say.  
> > 
> > No. The signatures on a key are nor related to each other. A funni
> > signature could be backdated before the signature by the CA were
> > made.
> > Who's the stupid now, in the eyes of the user seeing this? ^^
> 
> Do you really think a user with a CA sig would do that, with my
> proposals i have made?

Yes, for sure. With a backdated signature the CA could be blamed in the
eyes of some not so firm users. Even if it's only for this purpose.

First the UID problem should be fixed and then a similar mechanism for
the signatures could be introduces. This would fix the well known
problems and no CA would be needed. That is unrelated to the CA's for
"assurance" which are not a really bad idea, but it has nothing to do
with the flaws in the key servers and even wouÄt be a fix for this.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac

signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 9 Dec 2018 21:11:12 +0100, Juergen Bruckner wrote:
> Am 09.12.18 um 18:24 schrieb Dirk Gottschalk via Gnupg-users:
> > And further, why should anyone run something like a ca CA for free.
> > Sure, CAcert does it. But that's the onlöy organisation I know who
> > does this.  
> 
> Also WPIA [1] plans to do this and started a audit process for their
> CA.
> 
> regards
> Juergen
> 
> [1] https://wpia.club

Very cool Juergen! 

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgp6pxZYqTVvQ.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 09 Dec 2018 20:55:36 +0100, Dirk Gottschalk wrote:

Hello Dirk,

> That I mentioned in the other reply I have sent a few seconds ago.
> 
> > right? A key which would bear a CA sig would imho not have such
> > additional and funny UID's or sigs, because it would make the key
> > owner look a bit stupid, i would say.  
> 
> No. The signatures on a key are nor related to each other. A funni
> signature could be backdated before the signature by the CA were made.
> Who's the stupid now, in the eyes of the user seeing this? ^^

Do you really think a user with a CA sig would do that, with my
proposals i have made?

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpkpHR6TFiSG.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Juergen Bruckner



Am 09.12.18 um 18:24 schrieb Dirk Gottschalk via Gnupg-users:
> And further, why should anyone run something like a ca CA for free.
> Sure, CAcert does it. But that's the onlöy organisation I know who does
> this.

Also WPIA [1] plans to do this and started a audit process for their CA.

regards
Juergen

[1] https://wpia.club
-- 
Juergen Bruckner
juer...@bruckner.tk



smime.p7s
Description: S/MIME Cryptographic Signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 09 Dec 2018 20:34:55 +0100, Dirk Gottschalk wrote:
> Am Sonntag, den 09.12.2018, 20:03 +0100 schrieb Stefan Claas:

Hi Dirk,

> A weekend job... Muhahahahahahaha, you don't do much programming,
> don't you? One would have to write an email bot, change the keyserver
> code to no longer accept submissions via HKP, then it would be
> neccessary do disable HKP for upload in GnuPG to avoid broken Clients
> and so on.

Mind you in the 90's PGP key servers accepted also email and Usenet
submissions, if i remember correctly. The keyword was then simple
the word "add" in the subject line of an email.



> > People can then still use the old key servers (until they may become
> > obsolete...) or use keybase.  
> 
> Keybase is an option, yes., And the Keyservers could be fixed. HKP for
> retrieval is very comfortable and there is no need to disable also the
> retrieval.

The retrieval is of course good and it did not say something about it. 

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpZKviWys3gW.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Wiktor Kwapisiewicz via Gnupg-users

On 09.12.2018 20:03, Stefan Claas wrote:
> To bad that Werner's WKD is not widely adopted from email
> service providers...

Just for the record but it is adopted by e-mail service providers that are
interested in OpenPGP (like ProtonMail and Posteo.de, see
https://wiki.gnupg.org/WKD).

As for "e-mail service providers" like Gmail or Yahoo that obviously is not
going to happen (unless one uses Google Suite with custom domain, etc.)

Kind regards,

Wiktor

-- 
https://metacode.biz/@wiktor


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Hello Stefan.

Am Sonntag, den 09.12.2018, 19:38 +0100 schrieb Stefan Claas:
> On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> wrote:
> > On December 9, 2018 7:54:01 AM EST, Stefan Claas
> >  wrote::
> > > Get a sig from a CA and then upload your key via email.
> > >  
> > That's a bit steep, and was never the original goal of PGP or GPG.

> No, in 2018 i think it is not. CA's can be run by non-profit
> organizations like EFF etc., which i believe a lot of people trust.

> Then don't forget all the worldwide assurers from CAcert.org.

> > If the goal is to eliminate the bulk of bad keys and junk from key
> > servers, an account creation with basic email verification for
> > adding or removing keys should suffice.

> I don't think so. Create an anon account at ProtonMail via Tor for
> example and then do "funny stuff" with those keys.

There is always a way to abuse things. And a plausibility check on UIDs
would remove the possibility for abusive data encoding in these. I
think that would be a starting point.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Fw: Garbled data in keyservers

2018-12-09 Thread Stefan Claas



Beginn der weitergeleiteten Nachricht:

Datum: Sun, 9 Dec 2018 20:35:41 +0100
Von: Stefan Claas 
An: Dirk Gottschalk 
Betreff: Re: Garbled data in keyservers


On Sun, 09 Dec 2018 20:26:21 +0100, Dirk Gottschalk wrote:

Hi Dirk,

> > I don't think so. Create an anon account at ProtonMail via Tor for
> > example and then do "funny stuff" with those keys.
> 
> Nah, the server code has just to be modified, then a plausibility
> check could be established if the UID is a valid one, or an abusive.
> This would disable abusive UIDs with malicious data.  

Well, if one creates a valid UID for ProtonMail, for example, the
the Server needs then also to check additional UID's or "funny" sigs,
right? A key which would bear a CA sig would imho not have such
additional and funny UID's or sigs, because it would make the key owner
look a bit stupid, i would say.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpgfPnA5EOsp.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Am Sonntag, den 09.12.2018, 20:03 +0100 schrieb Stefan Claas:
> On Sun, 9 Dec 2018 19:38:31 +0100, Stefan Claas wrote:
> > On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> > wrote:
> > > On December 9, 2018 7:54:01 AM EST, Stefan Claas
> > >  wrote::  
> > > > Get a sig from a CA and then upload your key via email.
> > > >
> > > That's a bit steep, and was never the original goal of PGP or
> > > GPG.  

> > No, in 2018 i think it is not. CA's can be run by non-profit
> > organizations like EFF etc., which i believe a lot of people trust.

> > Then don't forget all the worldwide assurers from CAcert.org.

> > > If the goal is to eliminate the bulk of bad keys and junk from
> > > key
> > > servers, an account creation with basic email verification for
> > > adding or removing keys should suffice.  

> > I don't think so. Create an anon account at ProtonMail via Tor for
> > example and then do "funny stuff" with those keys.

> My proposal could be run also in parallel. I think it would be
> only a weekend job for a programmer to modify the server code,
> so that it accepts only incoming and verified email and not web
> or GnuPG via Tor submissions.

That's also what GPG is made for. Privacy. So TOR usage is quite okay.
The Idea with an email bot instead of a HKP for upload is something
that could be taken into consideration to validate sender and key, I
agree.

A weekend job... Muhahahahahahaha, you don't do much programming, don't
you? One would have to write an email bot, change the keyserver code to
no longer accept submissions via HKP, then it would be neccessary do
disable HKP for upload in GnuPG to avoid broken Clients and so on.

> People can then still use the old key servers (until they may become
> obsolete...) or use keybase.

Keybase is an option, yes., And the Keyservers could be fixed. HKP for
retrieval is very comfortable and there is no need to disable also the
retrieval.

> To bad that Werner's WKD is not widely adopted from email
> service providers...

WKD is a good thing, but has not yet widely spread. I think one oif the
problems is the small amount of users demanding it.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac

signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Hi Stefan.

Am Sonntag, den 09.12.2018, 19:38 +0100 schrieb Stefan Claas:
> On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> wrote:
> > On December 9, 2018 7:54:01 AM EST, Stefan Claas
> >  wrote::
> > > Get a sig from a CA and then upload your key via email.
> > >  
> > That's a bit steep, and was never the original goal of PGP or GPG.

> No, in 2018 i think it is not. CA's can be run by non-profit
> organizations like EFF etc., which i believe a lot of people trust.

> Then don't forget all the worldwide assurers from CAcert.org.
> 
> > If the goal is to eliminate the bulk of bad keys and junk from key
> > servers, an account creation with basic email verification for
> > adding
> > or removing keys should suffice.

> I don't think so. Create an anon account at ProtonMail via Tor for
> example and then do "funny stuff" with those keys.

Nah, the server code has just to be modified, then a plausibility check
could be established if the UID is a valid one, or an abusive. This
would disable abusive UIDs with malicious data.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Am Sonntag, den 09.12.2018, 19:54 +0100 schrieb Stefan Claas:
> On Sun, 9 Dec 2018 19:51:37 +0100, Stefan Claas wrote:
> > On Sun, 09 Dec 2018 18:24:38 +0100, Dirk Gottschalk wrote:
>  
> Hi Dirk,
> > > Get a sig from a CA and then upload your key via email.
> > > Then the key servers do something like a gpg --check-sigs
> > > to see if a key bears a valid CA sig and if it is found in their
> > > index the key will be added to the network, once the submitted
> > > UID matches with the email address header. So no cryptographic
> > > verification is imho needed. This would also eliminate, i think,
> > > > that someone else can upload someone else's pub key.
> > > 
> > > And who decides which CA ist trustworthy and which is not? The
> > > problem ist, like in the X.509 land, that it depends on an
> > > initial
> > > trust to one or more central authorities. Who decides whom one
> > > can
> > > trust.  

> If trusted organizations like EFF etc. would run a CA...

> > > And further, why should anyone run something like a ca CA for
> > > free.  

> Nobody said that it should be free.

That's a point one would have to discuss. A small one time fee would be
okay, but not to much, ore we are at the same point like in X.509 land
and nobody wants to invest, except for real good reasons.

> > > And then again the question, who decides who get's the nedded
> > > trust?  

> I have learned in the past the phrase "trust nobody" when it comes
> to IoT. That means also I don't have to trust GnuPG users, for
> example... ;-)

Exactly this is the point where the key signatures get in place. You
can decide whom you trust, or not, and how far your trust goes.
Than you can see, if somebody you don't know yet is trusted by a user
you trust. Then the trustdb comes into place. Exactly this is how PGP
works. PGP is not a replacement for the X.509 infrastructure like it is
used in companies or other organizations. And even there often PGP is
enough, at least for Email signature or encryption.

I'm still not sure what you're trying to achieve. A Replacement for
X.509?

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac

signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 9 Dec 2018 19:38:31 +0100, Stefan Claas wrote:
> On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
> wrote:
> > On December 9, 2018 7:54:01 AM EST, Stefan Claas
> >  wrote::  
> > >
> > >Get a sig from a CA and then upload your key via email.
> > >
> > That's a bit steep, and was never the original goal of PGP or GPG.  
> 
> No, in 2018 i think it is not. CA's can be run by non-profit
> organizations like EFF etc., which i believe a lot of people trust.
> 
> Then don't forget all the worldwide assurers from CAcert.org.
> 
> > If the goal is to eliminate the bulk of bad keys and junk from key
> > servers, an account creation with basic email verification for
> > adding or removing keys should suffice.  
> 
> I don't think so. Create an anon account at ProtonMail via Tor for
> example and then do "funny stuff" with those keys.

My proposal could be run also in parallel. I think it would be
only a weekend job for a programmer to modify the server code,
so that it accepts only incoming and verified email and not web
or GnuPG via Tor submissions.

People can then still use the old key servers (until they may become
obsolete...) or use keybase.

To bad that Werner's WKD is not widely adopted from email
service providers...

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 9 Dec 2018 19:51:37 +0100, Stefan Claas wrote:
> On Sun, 09 Dec 2018 18:24:38 +0100, Dirk Gottschalk wrote:
 
Hi Dirk,
> 
> > Get a sig from a CA and then upload your key via email.
> > Then the key servers do something like a gpg --check-sigs
> > to see if a key bears a valid CA sig and if it is found in their
> > index the key will be added to the network, once the submitted
> > UID matches with the email address header. So no cryptographic
> > verification is imho needed. This would also eliminate, i think,
> > > that someone else can upload someone else's pub key.
> > 
> > And who decides which CA ist trustworthy and which is not? The
> > problem ist, like in the X.509 land, that it depends on an initial
> > trust to one or more central authorities. Who decides whom one can
> > trust.  

If trusted organizations like EFF etc. would run a CA...

> > And further, why should anyone run something like a ca CA for
> > free.  
 
Nobody said that it should be free.

> > And then again the question, who decides who get's the nedded
> > trust?  

I have learned in the past the phrase "trust nobody" when it comes
to IoT. That means also I don't have to trust GnuPG users, for
example... ;-)

Regards
Stefan


-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpg3JPGCayJz.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Sun, 09 Dec 2018 08:23:03 -0900, justina colmena via Gnupg-users
wrote:
> On December 9, 2018 7:54:01 AM EST, Stefan Claas
>  wrote::
> >
> >Get a sig from a CA and then upload your key via email.
> >  
> That's a bit steep, and was never the original goal of PGP or GPG.

No, in 2018 i think it is not. CA's can be run by non-profit
organizations like EFF etc., which i believe a lot of people trust.

Then don't forget all the worldwide assurers from CAcert.org.

> If the goal is to eliminate the bulk of bad keys and junk from key
> servers, an account creation with basic email verification for adding
> or removing keys should suffice.

I don't think so. Create an anon account at ProtonMail via Tor for
example and then do "funny stuff" with those keys.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Hello Justina

Am Sonntag, den 09.12.2018, 08:23 -0900 schrieb justina colmena via
Gnupg-users:
> On December 9, 2018 7:54:01 AM EST, Stefan Claas <
> stefan.cl...@posteo.de> wrote::
> > Get a sig from a CA and then upload your key via email.
> > 
> That's a bit steep, and was never the original goal of PGP or GPG.

Correct.


> If the goal is to eliminate the bulk of bad keys and junk from key
> servers, an account creation with basic email verification for adding
> or removing keys should suffice.

That's something I thought about, too.


> Let's be honest: no one really wants an infrastructure of legally
> valid or enforceable GPG signatures, either. It's a technical
> verification that something is very unlikely to be altered if the
> signature is valid. Any particular overriding legal significance
> beyond that is unnecessary.

Legal significcance is one point and it's to complicated in many
countries.


> Don't overdo it, please. PGP key servers are not supposed to be
> "authoritative." They are a convenience to extend an informal web of
> trust. Let's resist that German urge toward authoritarianism and
> absolutism, shall we?

Yeah, RIGHT! As a German I say, this urge in Germany and even in Europe
is totally silly at all. They are making an A 380 out of a duck, so to
say. Or like we call it in germany: "eine Mücke zu einem Elefanten
machen".


> Bosses and bullies do not help with privacy, personal digital
> signatures, or cryptography for personal use. The CA stuff is mostly
> for business, not personal. The adversaries in that case are
> pickpockets and credit card skimmers, not major governments and
> political enemies.

Right, but, to be honest, in some cases a GPG signature should be even
enough to prove the origin in a legal way. Some countries accept this
already, but not in silly old europe. Okay, EU sucks, but that's
another topic.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Dirk Gottschalk via Gnupg-users

Hi.

Am Sonntag, den 09.12.2018, 13:54 +0100 schrieb Stefan Claas:
> On Thu, 06 Dec 2018 15:22:14 +0100, Werner Koch wrote:
> 
> > > That's right, but my thought is / was someone can (ab)use key
> > > servers as data storage / retrieval system and then only provides
> > > the key id  
> > 
> > As it has been commeted, there are easier ways to do that.

> I have read also the threads at sks devel ML and my suggestions
> would be that we need more international CA's to get rid of all
> the problems, the key server network has.

> People should think about the following:

> Get a sig from a CA and then upload your key via email.
> Then the key servers do something like a gpg --check-sigs
> to see if a key bears a valid CA sig and if it is found in their
> index the key will be added to the network, once the submitted
> UID matches with the email address header. So no cryptographic
> verification is imho needed. This would also eliminate, i think,
> that someone else can upload someone else's pub key.

And who decides which CA ist trustworthy and which is not? The problem
ist, like in the X.509 land, that it depends on an initial trust to one
or more central authorities. Who decides whom one can trust.

And further, why should anyone run something like a ca CA for free.
Sure, CAcert does it. But that's the onlöy organisation I know who does
this.

And then again the question, who decides who get's the nedded trust?

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread justina colmena via Gnupg-users

On December 9, 2018 7:54:01 AM EST, Stefan Claas  
wrote::
>
>Get a sig from a CA and then upload your key via email.
>
That's a bit steep, and was never the original goal of PGP or GPG.

If the goal is to eliminate the bulk of bad keys and junk from key servers, an 
account creation with basic email verification for adding or removing keys 
should suffice.

Let's be honest: no one really wants an infrastructure of legally valid or 
enforceable GPG signatures, either. It's a technical verification that 
something is very unlikely to be altered if the signature is valid. Any 
particular overriding legal significance beyond that is unnecessary.

Don't overdo it, please. PGP key servers are not supposed to be 
"authoritative." They are a convenience to extend an informal web of trust. 
Let's resist that German urge toward authoritarianism and absolutism, shall we?

Bosses and bullies do not help with privacy, personal digital signatures, or 
cryptography for personal use. The CA stuff is mostly for business, not 
personal. The adversaries in that case are pickpockets and credit card 
skimmers, not major governments and political enemies.

-- 
A well regulated Militia, being necessary to the security of a free State, the 
right of the people to keep and bear Arms, shall not be infringed.

https://www.colmena.biz/~justina/justina.colmena.asc

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-09 Thread Stefan Claas

On Thu, 06 Dec 2018 15:22:14 +0100, Werner Koch wrote:

> > That's right, but my thought is / was someone can (ab)use key
> > servers as data storage / retrieval system and then only provides
> > the key id  
> 
> As it has been commeted, there are easier ways to do that.

I have read also the threads at sks devel ML and my suggestions
would be that we need more international CA's to get rid of all
the problems, the key server network has.

People should think about the following:

Get a sig from a CA and then upload your key via email.
Then the key servers do something like a gpg --check-sigs
to see if a key bears a valid CA sig and if it is found in their
index the key will be added to the network, once the submitted
UID matches with the email address header. So no cryptographic
verification is imho needed. This would also eliminate, i think,
that someone else can upload someone else's pub key.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

pgpTpHQdhDMRZ.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Werner Koch

On Thu,  6 Dec 2018 14:05, stefan.cl...@posteo.de said:

> Understood. Please check this example, a key with with plenty of data,
> which only needs to be extracted.
>
> https://pgp.circl.lu/pks/lookup?op=get=0x73253A1F090C53B6

Surely you can put arbitrary data into into a user-id. 

> That's right, but my thought is / was someone can (ab)use key servers
> as data storage / retrieval system and then only provides the key id

As it has been commeted, there are easier ways to do that.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpR5tMZgDIbo.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Stefan Claas

On Thu, 6 Dec 2018 14:05:37 +0100, Stefan Claas wrote:
> On Thu, 06 Dec 2018 11:42:32 +0100, Werner Koch wrote:
> > On Thu,  6 Dec 2018 10:22, stefan.cl...@posteo.de said:
> >   
> > > As long as we have the option to add additional UID's  to a key
> > > my
> > 
> > You can't add an UID to a key without having a signature from the
> > primary key.  If the keyservers accept that any OpenPGP
> > implementation will simply skip such an UID.  
> 
> Understood. Please check this example, a key with with plenty of data,
> which only needs to be extracted.
> 
> https://pgp.circl.lu/pks/lookup?op=get=0x73253A1F090C53B6

O.k. curious how i am, i extracted the data and it shows an image of
Kristian, size 1178x1439 pixels, 96 dpi.. :-D

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgp2q5EV9yyd4.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Stefan Claas

On Thu, 06 Dec 2018 11:42:32 +0100, Werner Koch wrote:
> On Thu,  6 Dec 2018 10:22, stefan.cl...@posteo.de said:
> 
> > As long as we have the option to add additional UID's  to a key my  
> 
> You can't add an UID to a key without having a signature from the
> primary key.  If the keyservers accept that any OpenPGP implementation
> will simply skip such an UID.

Understood. Please check this example, a key with with plenty of data,
which only needs to be extracted.

https://pgp.circl.lu/pks/lookup?op=get=0x73253A1F090C53B6

> > People then would only need a little program to dearmor and
> > extract the data from that key UID's.  
> 
> But they can't search for it on public servers.  Thus there is no gain
> here.  If you require a dedicated program anyway, that program can
> anyway consult one of the Tor hidden servers.  But no search engine
> will show it.

That's right, but my thought is / was someone can (ab)use key servers
as data storage / retrieval system and then only provides the key id
in a link.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpkE2MhpQjUR.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Stefan Claas

On Thu, 6 Dec 2018 11:09:04 +0100, Wiktor Kwapisiewicz wrote:
> >> But that "little program" would have to download the entire dump
> >> and provide search feature itself, making it non-trivial for most
> >> users.  
> > I don't think so...
> >
> > https://github.com/yakamok/keyserver-fs  
> 
> Yes:
> 
> > WARNING: this may break easily and is intended for use only on
> > linux  
> 
> > *Notice:* This Program is very slow to add data to the gpg pubkey
> > so dont plan  
> on super large files.
> 
> I don't think a lot of users use this or would use this. It's more
> convenient and easier to store data somewhere else (pastebins?).

At least the cat is out of the bag and i could imagine if only one
person would misuse this technique operators could face problems
in the future.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpEcRx7EPmxx.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Wiktor Kwapisiewicz via Gnupg-users


>> But that "little program" would have to download the entire dump and
>> provide search feature itself, making it non-trivial for most users.
> I don't think so...
>
> https://github.com/yakamok/keyserver-fs

Yes:

> WARNING: this may break easily and is intended for use only on linux

> *Notice:* This Program is very slow to add data to the gpg pubkey so dont plan
on super large files.

I don't think a lot of users use this or would use this. It's more convenient
and easier to store data somewhere else (pastebins?).

Also, storing blobs is not a unique problem of keyservers, one can store it in
Certificate Transparency logs by issuing certs from Let's Encrypt or in Bitcoin
blockchain or even X.509 timestamping services. It would be slow and
inefficient, that's why practically no-one misuses it.

Kind regards,

Wiktor

-- 
https://metacode.biz/@wiktor

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Stefan Claas

On Thu, 6 Dec 2018 10:39:24 +0100, Wiktor Kwapisiewicz wrote:

Hi Wiktor,

> On 06.12.2018 10:24, Stefan Claas wrote:
> > As long as we have the option to add additional UID's  to a key my
> > thinking was, after reading the links from Yegor, that one appends
> > arbitrary data to a key and provides a link, at some other place, to
> > that key, in the form of URL://keyserver/keyid_or_fp.
> >
> > People then would only need a little program to dearmor and
> > extract the data from that key UID's.  
> 
> But that "little program" would have to download the entire dump and
> provide search feature itself, making it non-trivial for most users.

I don't think so...

https://github.com/yakamok/keyserver-fs

Regards
Stefan
-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpDBFg6FO94n.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Wiktor Kwapisiewicz via Gnupg-users

On 06.12.2018 10:24, Stefan Claas wrote:
> As long as we have the option to add additional UID's  to a key my
> thinking was, after reading the links from Yegor, that one appends
> arbitrary data to a key and provides a link, at some other place, to
> that key, in the form of URL://keyserver/keyid_or_fp.
>
> People then would only need a little program to dearmor and
> extract the data from that key UID's.

But that "little program" would have to download the entire dump and provide
search feature itself, making it non-trivial for most users.

Sometimes raising a bar a little would solve most of the problem.

(And then there are talks about removing UIDs from key servers, but that's a
different matter).

Kind regards,

Wiktor

-- 
https://metacode.biz/@wiktor

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Stefan Claas

On Thu, 06 Dec 2018 09:03:32 +0100, Werner Koch wrote:
> On Wed,  5 Dec 2018 19:56, stefan.cl...@posteo.de said:
> 
> > Well, my understanding would be that a least one (search) criteria
> > would be needed to fetch a key, right? And if so i could also
> > imagine  
> 
> Right, the fingerprint.  And maybe the long keyid for a transitional
> period because not all software already includes the fingerprint in
> the signature.

O.k.

> > that this one criteria could be abused as well, in form of a given
> > link to that resource, as long as it can be fetched via the web.  
> 
> Being able to search for a fingerprint does not allow you to search
> for the latest blockbuster movie to get a torrent link.  Thus there
> is no incentive to use the keyservers as an index and running a
> keyserver will be safer for most operators.

Well, i am not familiar how the current warez etc. scene works,
but my assumption was the following (o.k. i am no programmer...):

As long as we have the option to add additional UID's  to a key my
thinking was, after reading the links from Yegor, that one appends
arbitrary data to a key and provides a link, at some other place, to
that key, in the form of URL://keyserver/keyid_or_fp.

People then would only need a little program to dearmor and
extract the data from that key UID's.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

pgpaJFRDsGbGS.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-06 Thread Werner Koch

On Wed,  5 Dec 2018 19:56, stefan.cl...@posteo.de said:

> Well, my understanding would be that a least one (search) criteria
> would be needed to fetch a key, right? And if so i could also imagine

Right, the fingerprint.  And maybe the long keyid for a transitional
period because not all software already includes the fingerprint in the
signature.

> that this one criteria could be abused as well, in form of a given
> link to that resource, as long as it can be fetched via the web.

Being able to search for a fingerprint does not allow you to search for
the latest blockbuster movie to get a torrent link.  Thus there is no
incentive to use the keyservers as an index and running a keyserver will
be safer for most operators.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgplc6tga88Hi.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Stefan Claas

On Wed, 05 Dec 2018 11:24:10 -0900, justina colmena via Gnupg-users
wrote:
> A keyserver is a convenience. Of course it's not magic. Right now I
> am using K-9 Mail and OpenKeychain on Android. When I received the
> above message from the list, K-9 Mail informed me that it was signed
> with a key with fingerprint "0xff80ae9d1dec358d", and referred me to
> the OpenKeychain app, which searched keyservers and found a matching
> public key, which I was allowed to import to verify the signature,
> which I did so successfully.

Sure, thats the way it works. If Werner and you for example had an
implementation of Autocrypt installed then you would not need
a key server. ;-)

But what we are pointing out here are the problems the current key
server network has, or might face in the future.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpohDTzZmoLb.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread justina colmena via Gnupg-users


A keyserver is a convenience. Of course it's not magic. Right now I am using 
K-9 Mail and OpenKeychain on Android. When I received the above message from 
the list, K-9 Mail informed me that it was signed with a key with fingerprint 
"0xff80ae9d1dec358d", and referred me to the OpenKeychain app, which searched 
keyservers and found a matching public key, which I was allowed to import to 
verify the signature, which I did so successfully.

The fingerprints are some collision-resistant secure hashes, and in theory it 
is extraordinarily difficult to create another public key with the same 
fingerprint.

I have never met "Werner Koch" personally, but I am about as certain as I can 
be (under the present scheme of things) that that is the key fingerprint of the 
person from GnuPG.org who posts to the mailing list, and that there would be 
quite a bit of noise on the list in case of a mistaken identity.

There is a certain "reputation effect" with a public key which in theory 
obviates the need for in-person verification and secret handshakes.

The major difficulties and points of weakness to the whole scheme, in my 
opinion, are, (a) retaining possession of the private key, and (b) denying 
others illicit access to the private key.

Point (b) is a long-term, seemingly irremediable, problem. The long key 
lifetimes and the general lack of *Perfect Forward Secrecy* greatly aggravate 
the risk of a catastrophic total compromise of all data signed with or 
encrypted to the private key.

-- 
A well regulated Militia, being necessary to the security of a free State, the 
right of the people to keep and bear Arms, shall not be infringed.

https://www.colmena.biz/~justina/justina.colmena.asc

signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Stefan Claas

On Wed, 05 Dec 2018 18:53:20 +0100, Werner Koch wrote:
> On Wed,  5 Dec 2018 17:34, stefan.cl...@posteo.de said:
> 
> > Can you give more details about the security aspect?  
> 
> People believe that the keyservers magically return a matching key
> for a mail address.  There is no guarantee for this.  In fact all
> people from the strong had meanwhile expired faked key on the
> servers, which was not easy to detect given that they were also
> signed by faked keys from the strong set.
> 
> Thus if you have the capability to sniff mail you would upload a faked
> key and hope that future senders pick up that faked key and encrypt to
> it.  You can now intercept that mail, read it, encrypt to the real key
> and send on.  Even if you can't mount such an active MitM you can
> simply send on the newly encrypted mail with an additional line
> "sorry, I encrypted to the wrong key".
> 
> Right the Web of Trust would stop this attack, but most people are not
> part of the WoT.  Simple methods for initial /key discovery/ are
> required.  Even autocrypt is better than keyservers and with the Web
> Key Directory you can get an even better assurance that it is the
> correct key.

Agreed.

> > run their own key server and analyze the data. So what purpose
> > should your suggestion serve?  
> 
> The additional benefit is that this would take away the load from the
> servers and allow that we can get back the large mesh of keyservers.
> Without being able to search user-ids it does not anymore make sense
> to use keyservers as search engines for magnet links to Bittorrent
> distributed data.

Well, my understanding would be that a least one (search) criteria
would be needed to fetch a key, right? And if so i could also imagine
that this one criteria could be abused as well, in form of a given
link to that resource, as long as it can be fetched via the web.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpdwKd_BguB5.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Werner Koch

On Wed,  5 Dec 2018 17:34, stefan.cl...@posteo.de said:

> Can you give more details about the security aspect?

People believe that the keyservers magically return a matching key for a
mail address.  There is no guarantee for this.  In fact all people from
the strong had meanwhile expired faked key on the servers, which was not
easy to detect given that they were also signed by faked keys from the
strong set.

Thus if you have the capability to sniff mail you would upload a faked
key and hope that future senders pick up that faked key and encrypt to
it.  You can now intercept that mail, read it, encrypt to the real key
and send on.  Even if you can't mount such an active MitM you can
simply send on the newly encrypted mail with an additional line "sorry, I
encrypted to the wrong key".

Right the Web of Trust would stop this attack, but most people are not
part of the WoT.  Simple methods for initial /key discovery/ are
required.  Even autocrypt is better than keyservers and with the Web Key
Directory you can get an even better assurance that it is the correct
key.

> run their own key server and analyze the data. So what purpose should
> your suggestion serve?

The additional benefit is that this would take away the load from the
servers and allow that we can get back the large mesh of keyservers.
Without being able to search user-ids it does not anymore make sense to
use keyservers as search engines for magnet links to Bittorrent
distributed data.


Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpCro1j69bIP.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Stefan Claas

On Wed, 05 Dec 2018 13:28:50 +0100, Werner Koch wrote:

> A better way of using keyservers would be to entire disable their
> search by name or mail address capabilities.  Not only in the web
> interface but also in their API.  Of course that will be a radical
> change but I consider it better for security: 

Can you give more details about the security aspect?

Currently users can still search sks key servers by names, with
Lynx... :-) As understood key server operators can still give a whole
dump to 3rd parties, which like to analyze the data, or third parties
run their own key server and analyze the data. So what purpose should
your suggestion serve?

If you are talking about GDPR issues, those keys server operators
are not "licensed" by governmental institutions and run their servers
according to some strict regulations.

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas

pgpe5FPFllMEL.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Werner Koch

On Wed,  5 Dec 2018 10:31, c...@cod-web.net said:

> On pool.sks-keyservers.net eveything works well while on other
> keyservers I get 47Mb of garbled data from Yegor Timoshenko key, which I
> never signed and I don't know exactly why it's included in search

There are several problem with the keyservers due to their policy of
being a plain data store.  Actually this policy is a Good Thing because
it allows to sync with other servers and their is no need for a central
authority.

The problem is that the keyservers are abused as data store and, worse,
as a public search engine for such data.  The latter point can be
mitigated by not having a web interface which displays everything.

Restricting user-ids and such does not help because there are other ways
to store arbitrary data in a OpenPGP keyblock.  Even keyservers which
would checking the signatures won't help because key signatures can be
made using an arbitrary amount of new keys.

A better way of using keyservers would be to entire disable their search
by name or mail address capabilities.  Not only in the web interface but
also in their API.  Of course that will be a radical change but I
consider it better for security: Too many users assume that the
keyservers return a correct key; which they don't.  In fact their is no
way to get a key for a given mail address from a web server.  It used to
work just out of luck and because all keyserver users used to be fair
netizens.

The keyserver would then be used for getting the keys to verify a
signature (because the lookup is by fingerprint) and to distribute
revocations.  That is still a useful thing to have.  Further the
keyservers should stop to accept key signature; for Web of Trust things
signed keys should be mailed directly instead (caff already does that).

FWIW, I have the problem of a garbled key for quite some time which I
can fix for me using things like

import-filter drop-sig=   sig_created_d=2015-12-24
import-filter drop-sig=|| sig_created_d=2016-03-16

in my gpg.conf.  But that is just a stopgap. 


Shalom-Salam,

   Werner



-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgp7V8SnL4gCY.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Claudio Canavese

Thank you.

Fun fact:
https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
> https://bitbucket.org/skskeyserver/sks-keyserver/issues/60
> 
were opened by Yegor Timoshenko himself ^__^


Thank you again for your quick and sharp answer!


--
CoD


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Garbled data in keyservers

2018-12-05 Thread Wiktor Kwapisiewicz via Gnupg-users

Hi Claudio,

You may find these SKS issues relevant:

https://bitbucket.org/skskeyserver/sks-keyserver/issues/41
https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
https://bitbucket.org/skskeyserver/sks-keyserver/issues/60

I'm not able to comment on the specifics of search implementation in SKS 
though...

Kind regards,
Wiktor

On 05.12.2018 10:31, Claudio Canavese wrote:
> Hi everyone,
> I'm experiencing a strange behavior when looking for my email address on
> many keyserver web interfaces: I get al lot of garbled output from a key
> of someone else.
>
> I can't find and answer in this mailing list archives, so I decided to
> ask directly. Forgive me if it's a silly question.
>
> How to test this:
> 1) pick any keyserver, I tried  https://pgp.mit.edu/ ,
> https://keyserver.ubuntu.com/ , http://pool.sks-keyservers.net
> 2) search any key but mine by email: works? Well, so it was for me
> 3) now try with this email address
>
> On pool.sks-keyservers.net eveything works well while on other
> keyservers I get 47Mb of garbled data from Yegor Timoshenko key, which I
> never signed and I don't know exactly why it's included in search
> results. I had to use wget to download the web page since any browser
> will crash.
>
> Is this a bug I should submit somewhere? 
> Can a key break the html output of a keyserver?
>
>
> Thanks you for your time ;-)
>
>
> --
> CoD
>
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users


-- 
https://metacode.biz/@wiktor


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Garbled data in keyservers

2018-12-05 Thread Claudio Canavese

Hi everyone,
I'm experiencing a strange behavior when looking for my email address on
many keyserver web interfaces: I get al lot of garbled output from a key
of someone else.

I can't find and answer in this mailing list archives, so I decided to
ask directly. Forgive me if it's a silly question.

How to test this:
1) pick any keyserver, I tried  https://pgp.mit.edu/ ,
https://keyserver.ubuntu.com/ , http://pool.sks-keyservers.net
2) search any key but mine by email: works? Well, so it was for me
3) now try with this email address

On pool.sks-keyservers.net eveything works well while on other
keyservers I get 47Mb of garbled data from Yegor Timoshenko key, which I
never signed and I don't know exactly why it's included in search
results. I had to use wget to download the web page since any browser
will crash.

Is this a bug I should submit somewhere? 
Can a key break the html output of a keyserver?


Thanks you for your time ;-)


--
CoD


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

46 matches

Mail list logo