Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 13.06.17 14:16, Peter Lebbing wrote:
> On 13/06/17 09:43, Stefan Claas wrote:
>> Another thing i will do in the future, which i haven't read in popular
>> tutorials,
>> is that once checking the hash/sig of the provided package i will also hash
>> the binaries after unpacking and print them out on a piece of paper, so
>> that i
>> can frequently check the values.
> I use Open Source Tripwire for that. Its specification language is quite
> lacking in my opinion, but it's not so bad that I start looking around
> for a different solution. I've been using it for ages, and haven't
> noticed any significant development on it since I started using it. As
> far as I remember.
>
> Note that someone in a position to replace your binaries is also in a
> position to replace the sha256sum binary or whatever other binary you
> are using to generate the hashes, so your hashes can just lie to you. As
> can Tripwire.

During my lunch break i thought of that too. I think as a good start
i will next time (which popular tutorials also do not mention) install
the next version available on an USB stick, symlink to them and put
the USB stick in a safe place. Should an email arrive i will then insert
the USB stick to decrypt/verify the message.

Regarding hashes, maybe it's possible for the authors who are
providing packages that they not only include the hash or sig,
of the package but the hashes of the unpacked binaries too,
on their download page. Should one hash discrepancy show
up on my computer i could try another one and see if the hash
matches then.
>
> And so I come to my other comment, in reply to:
>
>>  So what i have learned from this whole
>> thread, also about my proposal for identicons, i should buy me
>> an offline computer, send Thunderbird/Enigmail to /dev/null
>> and transfer signed/encrypted messages from my online usage
>> computer with a USB stick to my offline computer and verify
>> decrypt the messages there. :-)
> Security is not an absolute. Quite the opposite: security is rather
> simple economics. How much are you willing to spend on your protection,
> and how much is an attacker willing to spend to compromise you? It's
> that simple. There are some unpleasant little factors such as that you
> need to do it right all the time, yet the attacker only needs to do it
> right once. But in the end, it all boils down to: who is willing to go
> that step further? As long as your secrets aren't very valuable, an
> attacker will not want to spend a lot on obtaining those secrets; they'd
> rather point their attention and money elsewhere.
>
> So Tripwire is something that raises the cost of the attack; it's
> defence in depth, not an absolute defence. And as the name suggests, if
> the attacker doesn't notice Tripwire, they might well set off an alarm.
> But if they notice it .
>
>
For me i see this way, for big Organizations i would not have a single
chance, but i assume that i am no target for them, because i am of no
interest to them.

On the other side, where money is involved etc. and people are good
in keeping their computers clean, and they rely on popular tutorials,
the "green bar problem" would still be there, imho.

Regards
Stefan





___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 13/06/17 09:43, Stefan Claas wrote:
> Another thing i will do in the future, which i haven't read in popular
> tutorials,
> is that once checking the hash/sig of the provided package i will also hash
> the binaries after unpacking and print them out on a piece of paper, so
> that i
> can frequently check the values.

I use Open Source Tripwire for that. Its specification language is quite
lacking in my opinion, but it's not so bad that I start looking around
for a different solution. I've been using it for ages, and haven't
noticed any significant development on it since I started using it. As
far as I remember.

Note that someone in a position to replace your binaries is also in a
position to replace the sha256sum binary or whatever other binary you
are using to generate the hashes, so your hashes can just lie to you. As
can Tripwire.

And so I come to my other comment, in reply to:

>  So what i have learned from this whole
> thread, also about my proposal for identicons, i should buy me
> an offline computer, send Thunderbird/Enigmail to /dev/null
> and transfer signed/encrypted messages from my online usage
> computer with a USB stick to my offline computer and verify
> decrypt the messages there. :-)

Security is not an absolute. Quite the opposite: security is rather
simple economics. How much are you willing to spend on your protection,
and how much is an attacker willing to spend to compromise you? It's
that simple. There are some unpleasant little factors such as that you
need to do it right all the time, yet the attacker only needs to do it
right once. But in the end, it all boils down to: who is willing to go
that step further? As long as your secrets aren't very valuable, an
attacker will not want to spend a lot on obtaining those secrets; they'd
rather point their attention and money elsewhere.

So Tripwire is something that raises the cost of the attack; it's
defence in depth, not an absolute defence. And as the name suggests, if
the attacker doesn't notice Tripwire, they might well set off an alarm.
But if they notice it .

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Am 12.06.2017 um 23:50 schrieb Duane Whitty:

Thanks for your input much appreciated!


I would also add one word about USB sticks:  It is very difficult to
know if they've been compromised and there are no tell-tale signs when
an attack is taking place.  I never put a USB in my computer that has
been used on a computer I don't own.
Best Regards,
Duane



Thanks for pointing this out!

I come to the conclusion after reading all the replies from this thread
that i will return to pure GnuPG usage, instead of using an email / Usenet
client with add-ons. I already found a script for PGP/MIME so that i can
decrypt/verify a message send to me when using GnuPG in command-line
mode.

Another thing i will do in the future, which i haven't read in popular 
tutorials,

is that once checking the hash/sig of the provided package i will also hash
the binaries after unpacking and print them out on a piece of paper, so 
that i

can frequently check the values.

Regards
Stefan







___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Duane Whitty]

On 17-06-12 05:45 PM, Stefan Claas wrote:
> On 12.06.17 22:35, Robert J. Hansen wrote:
>>> Is there something like a Standard Operating Procedure for GnuPG
>>> available, which fulfills security experts demands, and which can
>>> easily be adapted by an average GnuPG user, regardless of platform 
>>> and client he/she uses?
>> No.  More to the point, there can't be.  Each user faces threats
>> specific to that user; each user is responsible for their own threat
>> modeling.
>>
>> But follow the steps I outlined before and you'll significantly improve
>> your online security.  You won't be perfect -- there is no such thing as
>> perfection.  You won't be a hardened target -- that takes a lot of work.
>>  But follow those steps and you'll have taken care of the easy ways that
>> your machine can be compromised.
>>
> 
> Thank you very much for your advise, much appreciated!
> 
> Regards
> Stefan
> 
> 
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 
I'm not one of the many experts on the list you refer to so you'll have
to judge for yourself the usefulness of my procedures.  Comments from
more experienced users welcome as well, of course, and some very
experienced users have given you very good advice already.

Some of things I do include setting a password on the BIOS and HD and
turning my computer off when I'm not using it.  My reason for those
steps is that I am hoping it would introduce enough of a roadblock that
should someone gain physical access to my computer (a laptop) they would
need to take it with them in order to compromise it.

I also don't click on any links in emails. As well, I don't open any PDF
files I don't trust.

I believe also that it's important to consider what operating system you
use.  Some people believe that with certain OSs you are compromised the
minute you install said OS and are actually fulfilling the role of
Mallory against yourself.  This is to say that I believe Open Source is
beneficial not that it is the complete solution.

I would also add one word about USB sticks:  It is very difficult to
know if they've been compromised and there are no tell-tale signs when
an attack is taking place.  I never put a USB in my computer that has
been used on a computer I don't own.
Best Regards,
Duane

-- 
Duane Whitty
du...@nofroth.com



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 22:35, Robert J. Hansen wrote:
>> Is there something like a Standard Operating Procedure for GnuPG
>> available, which fulfills security experts demands, and which can
>> easily be adapted by an average GnuPG user, regardless of platform 
>> and client he/she uses?
> No.  More to the point, there can't be.  Each user faces threats
> specific to that user; each user is responsible for their own threat
> modeling.
>
> But follow the steps I outlined before and you'll significantly improve
> your online security.  You won't be perfect -- there is no such thing as
> perfection.  You won't be a hardened target -- that takes a lot of work.
>  But follow those steps and you'll have taken care of the easy ways that
> your machine can be compromised.
>

Thank you very much for your advise, much appreciated!

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Robert J. Hansen]

> Is there something like a Standard Operating Procedure for GnuPG
> available, which fulfills security experts demands, and which can
> easily be adapted by an average GnuPG user, regardless of platform 
> and client he/she uses?

No.  More to the point, there can't be.  Each user faces threats
specific to that user; each user is responsible for their own threat
modeling.

But follow the steps I outlined before and you'll significantly improve
your online security.  You won't be perfect -- there is no such thing as
perfection.  You won't be a hardened target -- that takes a lot of work.
 But follow those steps and you'll have taken care of the easy ways that
your machine can be compromised.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 22:10, Robert J. Hansen wrote:
>> and transfer signed/encrypted messages from my online usage
>> computer with a USB stick to my offline computer and verify
>> decrypt the messages there. :-)
> If you think your online computer may be compromised, then you have no
> business sharing USB devices between it and your believed-safe computer.
>
O.k., i have for example no Tempest Attack, etc. shielded offline computer,
because i am only a little Mac user. Is there something like a Standard
Operating
Procedure for GnuPG available, which fulfills security experts demands,
and which
can easily be adapted by an average GnuPG user, regardless of platform
and client
he/she uses?

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Robert J. Hansen]

> and transfer signed/encrypted messages from my online usage
> computer with a USB stick to my offline computer and verify
> decrypt the messages there. :-)

If you think your online computer may be compromised, then you have no
business sharing USB devices between it and your believed-safe computer.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 21:15, Peter Lebbing wrote:

>> (Remember there are two types of companies. Those who know they got
>> hacked and those who don't know yet that they got hacked.)
>>
>>
I should put that as a signature in my email and Usenet client! :-)

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 21:21, Ludwig Hügelschäfer wrote:
> What you can do: Learn, learn by playing, learn by trying to
> understand what others write and by asking questions and become a
> reasonable critical user. That's the hard way, but you learn best.
> Second possibility would be to have a good experienced friend which
> guides you along the way. Third way would be to engage an expert which
> maintains your computer.
>
Thanks also for your valuable reply!

Please see also my reply to Peter.

Regards
Stefan




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 21:15, Peter Lebbing wrote:
> On 12/06/17 20:51, Stefan Claas wrote:
>> Maybe as an additional security feature Enigmail should give
>> a key with a set trust level of "Ultimate" a different color than
>> green.
> No, that's beside the point. Once somebody gets your user privileges,
> there is no "additional security". It's game over. They could replace
> your Enigmail with their Evilmail, which seems like a good name for an
> Enigmail edited to show any fingerprint the attacker desires and give it
> any colour of the rainbow.
>
> You need to make sure your computer doesn't get hacked by someone who
> wants to subvert your use of GnuPG. Luckily, for most of us, we get
> hacked to send spam... ;)
>
> (Remember there are two types of companies. Those who know they got
> hacked and those who don't know yet that they got hacked.)
>
>

Thanks for your thought! So what i have learned from this whole
thread, also about my proposal for identicons, i should buy me
an offline computer, send Thunderbird/Enigmail to /dev/null
and transfer signed/encrypted messages from my online usage
computer with a USB stick to my offline computer and verify
decrypt the messages there. :-)

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Ludwig Hügelschäfer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 12.06.17 20:51, Stefan Claas wrote:
> On 12.06.17 20:18, Ludwig Hügelschäfer wrote:
>> Hi,
>> 
>> On 12.06.17 14:52, Stefan Claas wrote:
>> 
>>> Hi Ludwig,
>>> 
>>> I just checked again. On my Mac and on my Windows Notebook i
>>> get a green bar , from a blue "Untrusted" key when i go into
>>> Enigmails Key Management and set the trust of that key to
>>> Ultimate...
>> Well, ultimate ownertrust is the wrong way. This setting is
>> reserved for your own keys. No wonder you get a green header
>> bar.
>> 
>> What are you trying to achieve?
>> 
> 
> Well, i assume that the majority of people who are using GnuPG are
> using it with Thunderbird/Enigmail.

I'd not sign this statement. A lot of users caring for privacy and
safety won't go for Windows. Thunderbird is not the most popular mail
client on non-windows computers, there quite some other mail clients.

> Let's also assume they are not security experts like all you guys
> here on the list and let's also assume they are following popular
> tutorials like the ones from EFF:
> https://ssd.eff.org/en/module/how-use-pgp-windows because they know
> EFF are good people (like you security experts).
> 
> Now here is my thought. Mallory knows this very well what i have 
> described above and after he gained access to my computer he simply
> replaces on of my locally signed pub keys with a fake one where he
> sets owner trust to ultimate. A user, described as above would imho
> have a hard time to detect a fake pub key, because Enigmail shows
> for both keys a green bar.

As Robert said: If an attacker gains control over your computer,
you're busted, game over.

> Maybe as an additional security feature Enigmail should give a key
> with a set trust level of "Ultimate" a different color than green.

This would also be the case if the attacker gained access to your
computer.

What you can do: Learn, learn by playing, learn by trying to
understand what others write and by asking questions and become a
reasonable critical user. That's the hard way, but you learn best.
Second possibility would be to have a good experienced friend which
guides you along the way. Third way would be to engage an expert which
maintains your computer.

Ludwig
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEE4WAgb7FA4aaVxJnYOtv6bQCh5v4FAlk+6b4ACgkQOtv6bQCh
5v7yeg/+NG1ZJOm/is1MyiDI8eGHB2343qmCYjzlrpj5+SYBECMa5FSKqh86z+LS
xMbynzfMIVTR2imt259mHFhCCcBgx067GCCxCFOMgJgafYg0M/kf1bOQF1Hov1lD
969zfYBcHNl2lnOSA5W16nJPY0gaJoa6t+25bf3YDD/+1aMQdZpBmOpxEPPuMUqt
5Qb7LPHh0hhSNoX7TrTqcMEBQtJopDlB94xUShUujMR56udC1Mfo3LDN1BpV00sd
R+La+a94Uu+i9FkEhjFHeTcVlaN9TSofLqGBVID51h2sGG7UK/moOAv55T2GBkuh
zdTp9OirN1OIZbBIMnUfa3oe3ZbCyY24qm/XWA7gn4gTIUX9/QdT6Wz/aBDA9Rq+
fr5RDxXU5S/4kX3HODnUiGqvt8HElQAKmCkiTD6gSLM8Tsw6Bp1DK9AAMHEbgvqS
zT67rKY4ISzW4RTxqHuK4W1bury0TdSlyCCgL33CdUp+xhQazjLRfUQXzSeOaNu2
7/6LRVtOHWWUkpELaNGYGS2CPDMiPvuZuMH/Ut9CYcwGHaf1Rq2F7FH0C2Hha5Uf
6hHWVww+PrNg1Tera/yLn+P8+RCU5tkf8c+injiEN0FjYScXd0YBds704ZjdD8l8
tld1uAcxxI3FYybY05TSjKqdRNpGrJRJ14nb4Djd896jzOZDWJQ=
=CZYK
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 12/06/17 20:51, Stefan Claas wrote:
> Maybe as an additional security feature Enigmail should give
> a key with a set trust level of "Ultimate" a different color than
> green.

No, that's beside the point. Once somebody gets your user privileges,
there is no "additional security". It's game over. They could replace
your Enigmail with their Evilmail, which seems like a good name for an
Enigmail edited to show any fingerprint the attacker desires and give it
any colour of the rainbow.

You need to make sure your computer doesn't get hacked by someone who
wants to subvert your use of GnuPG. Luckily, for most of us, we get
hacked to send spam... ;)

(Remember there are two types of companies. Those who know they got
hacked and those who don't know yet that they got hacked.)

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 20:18, Ludwig Hügelschäfer wrote:
> Hi,
>
> On 12.06.17 14:52, Stefan Claas wrote:
>
>> Hi Ludwig,
>>
>> I just checked again. On my Mac and on my Windows Notebook i get a
>> green bar , from a blue "Untrusted" key when i go into Enigmails
>> Key Management and set the trust of that key to Ultimate...
> Well, ultimate ownertrust is the wrong way. This setting is reserved
> for your own keys. No wonder you get a green header bar.
>
> What are you trying to achieve? 
>

Well, i assume that the majority of people who are using GnuPG
are using it with Thunderbird/Enigmail. Let's also assume they are
not security experts like all you guys here on the list and let's
also assume they are following popular tutorials like the ones
from EFF: https://ssd.eff.org/en/module/how-use-pgp-windows
because they know EFF are good people (like you security experts).

Now here is my thought. Mallory knows this very well what i have
described above and after he gained access to my computer he
simply replaces on of my locally signed pub keys with a fake
one where he sets owner trust to ultimate. A user, described as
above would imho have a hard time to detect a fake pub key,
because Enigmail shows for both keys a green bar.

Maybe as an additional security feature Enigmail should give
a key with a set trust level of "Ultimate" a different color than
green.

Regards
Stefan




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Ludwig Hügelschäfer]

Hi,

On 12.06.17 14:52, Stefan Claas wrote:

> Hi Ludwig,
> 
> I just checked again. On my Mac and on my Windows Notebook i get a
> green bar , from a blue "Untrusted" key when i go into Enigmails
> Key Management and set the trust of that key to Ultimate...

Well, ultimate ownertrust is the wrong way. This setting is reserved
for your own keys. No wonder you get a green header bar.

What are you trying to achieve? I'm getting tons of "UNTRUSTED Good
signature" when reading my mailing lists, e.g. from Peter Lebbing and
a lot of others. That's the way it is, I have to accept this, my
web-of-trust is not so good. I've got a couple of good signatures, though.

One way to improve this situation is to get out, meet people, view
their Ids and receive their fingerprints, verify them and if all is
good, sign their keys.

The other would be to enable TOFU. Can't tell anything about this, I
still have to test.

Best regards

Ludwig



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 17:28, Robert J. Hansen wrote:
>> I agree with you and it makes perfect sense, but then it would raise
>> another question. How should an average user of GnuPG, like me,
>> then handle this.
> It cannot be the job of the GnuPG team to teach people how to safely
> administer their operating system.  There are too many operating
> systems, too many different threat models, too many different use cases,
> for anyone to go down that rabbit-hole.
>
> Some generally good advice might include:
>
> - Keep your operating system up to date
> - Disable Flash in your browser
> - Disable Java Web Start in your browser
> - Install ad blocking and tracker blocking plugins into your browser
> - Only run software from trusted sources
> - Only use USB thumb drives with machines you trust
> - Only use USB thumb drives that came from trusted sources
>
Thank you very much for the tip about USB thumb drives!

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Robert J. Hansen]

> I agree with you and it makes perfect sense, but then it would raise
> another question. How should an average user of GnuPG, like me,
> then handle this.

It cannot be the job of the GnuPG team to teach people how to safely
administer their operating system.  There are too many operating
systems, too many different threat models, too many different use cases,
for anyone to go down that rabbit-hole.

Some generally good advice might include:

- Keep your operating system up to date
- Disable Flash in your browser
- Disable Java Web Start in your browser
- Install ad blocking and tracker blocking plugins into your browser
- Only run software from trusted sources
- Only use USB thumb drives with machines you trust
- Only use USB thumb drives that came from trusted sources

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Robert J. Hansen]

> If Mallory would get somehow access to my Computer and replace one
> pub key from my communication partners with a fake one and sets the
> trust level to Ultimate. How can i detect this, if i'm not always
> looking at the complete Fingerprint and compare it with a separate
> list?

If Mallory can tamper with your keyrings, that's a total game-over
condition.  At that point there are dozens of attacks open to her.  Once
you lose control of your computer, it's all over.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 16:31, Peter Lebbing wrote:
> I hadn't gotten round to answer your earlier questions yet, since I
> noticed a point I should first spend some effort and thinking on.
>
> On 12/06/17 16:14, Stefan Claas wrote:
>> And a question for this... If Mallory would get
>> somehow access to my Computer and replace one pub key from my
>> communication partners with a fake one and sets the trust level to
>> Ultimate. How can i detect this, if i'm not always looking at the
>> complete Fingerprint and compare it with a separate list?
> It is impossible to use any form of cryptography in a secure fashion
> when somebody is in a position to mess with the computer you're using it
> on. Worst is someone with administrator privileges, but somebody with
> the same privileges as you is already more than enough to completely
> subvert your security.
>
> They could alter your search path and put their own binaries in them.
> Any program you launch, be it GnuPG, your e-mail client, your shell, or
> any other program you use, could be replaced by something else. Same for
> your data files, as you point out.
>
> Your user account needs to be secure from evildoers. It depends on your
> threat model how you go about this.

I agree with you and it makes perfect sense, but then it would raise
another question. How should an average user of GnuPG, like me,
then handle this. I mean what you just said is not mentioned in
GnuPG tutorials and you can't expect that every GnuPG is trained
on that subject as well.

Would it then not be good if Enigmail, for the casual user, would
display a different color than green, for the explained scenario?

Regards
Stefan




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

I hadn't gotten round to answer your earlier questions yet, since I
noticed a point I should first spend some effort and thinking on.

On 12/06/17 16:14, Stefan Claas wrote:
> And a question for this... If Mallory would get
> somehow access to my Computer and replace one pub key from my
> communication partners with a fake one and sets the trust level to
> Ultimate. How can i detect this, if i'm not always looking at the
> complete Fingerprint and compare it with a separate list?

It is impossible to use any form of cryptography in a secure fashion
when somebody is in a position to mess with the computer you're using it
on. Worst is someone with administrator privileges, but somebody with
the same privileges as you is already more than enough to completely
subvert your security.

They could alter your search path and put their own binaries in them.
Any program you launch, be it GnuPG, your e-mail client, your shell, or
any other program you use, could be replaced by something else. Same for
your data files, as you point out.

Your user account needs to be secure from evildoers. It depends on your
threat model how you go about this.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 12.06.17 16:06, Peter Lebbing wrote:
> On 12/06/17 14:52, Stefan Claas wrote:
>> I just checked again. On my Mac and on my Windows Notebook
>> i get a green bar , from a blue "Untrusted" key when i go into
>> Enigmails Key Management and set the trust of that key to
>> Ultimate...
> Don't do this! Or did you do it just for testing? "Ultimate" is for your
> own keys. It makes the key itself valid and all keys signed by that key.
> It's the odd one out, as the other trust levels only determine the
> validity of other keys signed by that key but don't affect the key itself.
>
> To make a key valid, sign it with a local signature. Or an exportable
> signature, your choice.
>

I did that for testing! And a question for this... If Mallory would get
somehow access to my Computer and replace one pub key from my
communication partners with a fake one and sets the trust level to
Ultimate. How can i detect this, if i'm not always looking at the
complete Fingerprint and compare it with a separate list?

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 12/06/17 14:52, Stefan Claas wrote:
> I just checked again. On my Mac and on my Windows Notebook
> i get a green bar , from a blue "Untrusted" key when i go into
> Enigmails Key Management and set the trust of that key to
> Ultimate...

Don't do this! Or did you do it just for testing? "Ultimate" is for your
own keys. It makes the key itself valid and all keys signed by that key.
It's the odd one out, as the other trust levels only determine the
validity of other keys signed by that key but don't affect the key itself.

To make a key valid, sign it with a local signature. Or an exportable
signature, your choice.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 07.06.17 22:23, Ludwig Hügelschäfer wrote:
> Hi Stefan,
>
> On 06.06.17 22:19, Stefan Claas wrote:
>> On 06.06.17 20:46, Charlie Jonas wrote:
>>> On 2017-06-06 19:12, Stefan Claas wrote:
 I tried also with Enigmail under OS X but when checking the
 signatures here from the list members i always get the blue
 "Untrusted Good Signature".
>>> Yes I get this as well. Interestingly whatever trust level I give
>>> keys, Enigmail on OSX seems to want to make the bar blue
>>> regardless.
>>>
>> Thanks for confirming. Hopefully Ludwig still follows this thread
>> and can tell us why it's not working, as expected.
> It's working as expected. To get a green bar in Enigmails header
> display, the key signing the message has to be at least fully valid. A
> key gets valid if you either:
>
> - sign it (whether local or exportable is not relevant)
>
> or
>
> - it is signed by
>   - at least one key you have signed and you have put "full" ownertrust
> on these
>   - at least three other keys you have signed and you have put
> "marginal" ownertrust on these
>
> This is the behaviour of the "classic" or "PGP" trust model which is
> the default in GnuPG. Enigmail only displays the result.
>
>
Hi Ludwig,

I just checked again. On my Mac and on my Windows Notebook
i get a green bar , from a blue "Untrusted" key when i go into
Enigmails Key Management and set the trust of that key to
Ultimate...

Regards
Stefan





___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 07.06.17 22:23, Ludwig Hügelschäfer wrote:
> Hi Stefan,
>
> On 06.06.17 22:19, Stefan Claas wrote:
>> On 06.06.17 20:46, Charlie Jonas wrote:
>>> On 2017-06-06 19:12, Stefan Claas wrote:
 I tried also with Enigmail under OS X but when checking the
 signatures here from the list members i always get the blue
 "Untrusted Good Signature".
>>> Yes I get this as well. Interestingly whatever trust level I give
>>> keys, Enigmail on OSX seems to want to make the bar blue
>>> regardless.
>>>
>> Thanks for confirming. Hopefully Ludwig still follows this thread
>> and can tell us why it's not working, as expected.
> It's working as expected. To get a green bar in Enigmails header
> display, the key signing the message has to be at least fully valid. A
> key gets valid if you either:
>
> - sign it (whether local or exportable is not relevant)
>
> or
>
> - it is signed by
>   - at least one key you have signed and you have put "full" ownertrust
> on these
>   - at least three other keys you have signed and you have put
> "marginal" ownertrust on these
>
> This is the behaviour of the "classic" or "PGP" trust model which is
> the default in GnuPG. Enigmail only displays the result.

Thanks, i'm aware of the classic trust model.
>
> You may read more about this here:
> https://enigmail.wiki/Key_Management#The_Web_of_Trust
>
> There's a lot more information about the web of trust out in the web.
>
> Disclaimer: Configuring GnuPG to use the TOFU trust model may change
> this behaviour.

I configured GnuPG to use the TOFU model and expected that Enigmail
would switch from blue Untrusted to green when TOFU gives "full" trust
to a pub key. For example when i downloaded a signed Usenet message
as a test (where Enigmail showed me a blue bar) and let GnuPG verify
the saved file manually it gave me the statistics. After downloading a
second file, where Enigmail correctly showed the blue bar again, i ran
the file via GnuPG and it gave "full" trust to the message. After that
i klicked again in Enigmail in the Usenet thread and voila i had a green
bar. So that is the reason why i thought Enigmail would give me with
the new trust model also a green bar when checking here list members
messages.

Regards
Stefan

And appologies for the multiple thread chaos!



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Ludwig Hügelschäfer]

Hi Stefan,

On 06.06.17 22:19, Stefan Claas wrote:
> On 06.06.17 20:46, Charlie Jonas wrote:
>> On 2017-06-06 19:12, Stefan Claas wrote:
>>> I tried also with Enigmail under OS X but when checking the
>>> signatures here from the list members i always get the blue
>>> "Untrusted Good Signature".
>> Yes I get this as well. Interestingly whatever trust level I give
>> keys, Enigmail on OSX seems to want to make the bar blue
>> regardless.
>> 
> Thanks for confirming. Hopefully Ludwig still follows this thread
> and can tell us why it's not working, as expected.

It's working as expected. To get a green bar in Enigmails header
display, the key signing the message has to be at least fully valid. A
key gets valid if you either:

- sign it (whether local or exportable is not relevant)

or

- it is signed by
  - at least one key you have signed and you have put "full" ownertrust
on these
  - at least three other keys you have signed and you have put
"marginal" ownertrust on these

This is the behaviour of the "classic" or "PGP" trust model which is
the default in GnuPG. Enigmail only displays the result.

You may read more about this here:
https://enigmail.wiki/Key_Management#The_Web_of_Trust

There's a lot more information about the web of trust out in the web.

Disclaimer: Configuring GnuPG to use the TOFU trust model may change
this behaviour.

Ludwig

BTW: Could you please stop forwarding your replies to the list? Now
there are 6 threads titled "Question for app developers, like Enigmail
etc. - Identicons" on the list. Just click on "Reply to list" when
replying. Thanks.



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

TOFU (was: Question for app developers, like Enigmail etc. - Identicons)

[Peter Lebbing]

On 07/06/17 13:49, Stefan Claas wrote:
> In Enigmail with the blue and green bar (without showing statistics) it
> would simply mean
> that it switches from green to blue, right?

Not necessarily!

I don't know if Enigmail checks whether the From: is equal to the key
UID, but we're talking about look-alike addresses here, not completely
equal addresses, so even that wouldn't help.

It would, depending on tofu-default-policy, potentially be marked as
Good with a green bar! It is from a new key from an e-mail address never
before seen. With the default tofu-default-policy, it would *not* be
green, because it would only get marginal validity. But with
tofu-default-policy good, it would get marked as valid because there
doesn't seem to be anything wrong with it. It's only a visual similarity
that fools the user, but a computer is an exact device and doesn't know
they look similar to you.

I hope Enigmail will add the TOFU statistics to the displayed
information. Or maybe they already did, I see that I'm using Debian
jessie's enigmail package for Enigmail, and Debian jessie/stable has
pretty old packages (well maintained, but old).

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Am 07.06.2017 um 13:21 schrieb Peter Lebbing:


On 07/06/17 11:04, Peter Lebbing wrote:

On 06/06/17 20:12, Stefan Claas wrote:

Is TOFU verifying the email address from the from: header of the message
and then compares it with the email address in the UID?

Yes.

Actually, that's not really correct. It also works without a From:. I
don't know the details by heart, and I spoke too easily. TOFU verifies
the consistency of the binding between a key and the e-mail address in a
UID. So if so far you've seen a particular key being used for signatures
from  and suddenly it's signed by a different key that
also has an e-mail address , TOFU will alert you that
this is not what it expected to see.

Thanks, that's what i assumed.


It will not alert you of similar-looking
e-mail addresses, since this is really hard to solve, but the statistics
printed will hopefully make you notice that even though you should see
"10 signatures verified in the past month", it suddenly says "0
signatures verified so far" and this tells you it is not the same key as
before.
In Enigmail with the blue and green bar (without showing statistics) it 
would simply mean

that it switches from green to blue, right?

Regards
Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 07/06/17 11:04, Peter Lebbing wrote:
> On 06/06/17 20:12, Stefan Claas wrote:
>> Is TOFU verifying the email address from the from: header of the message
>> and then compares it with the email address in the UID?
> 
> Yes.

Actually, that's not really correct. It also works without a From:. I
don't know the details by heart, and I spoke too easily. TOFU verifies
the consistency of the binding between a key and the e-mail address in a
UID. So if so far you've seen a particular key being used for signatures
from  and suddenly it's signed by a different key that
also has an e-mail address , TOFU will alert you that
this is not what it expected to see.

Your e-mail client can also verify the consistency between the UID and
the From:, but GnuPG primarily checks the consistency of the mapping
between key and UID on the key. And it also works on the command line,
where no From: is available. It will not alert you of similar-looking
e-mail addresses, since this is really hard to solve, but the statistics
printed will hopefully make you notice that even though you should see
"10 signatures verified in the past month", it suddenly says "0
signatures verified so far" and this tells you it is not the same key as
before.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Am 07.06.2017 um 11:04 schrieb Peter Lebbing:


On 06/06/17 20:12, Stefan Claas wrote:

Is TOFU verifying the email address from the from: header of the message
and then compares it with the email address in the UID?

Yes.


I ask, because
if i would use a free form UID with no email address

That would make it difficult.


, or i use an Anon
Remailer with a nym account where both email addresses are not identical.

This doesn't seem like a problem, depending on some assumptions. In the
usual case where you wouldn't want the two accounts linked to the same
person, you would use two completely separate certificates, each with
their own pseudonym with nym address.

If you don't care that peole realize they belong to the same person, you
would create two UIDs on the same key, one for each nym account.


Thank you very much for your detailed explanation!

I just installed modern GnuPG and used it with two inline PGP messages from
Usenet and i like it. :-)

Good to hear :-).
I love the idea of TOFU and it's great that it is implemented in modern 
GnuPG. :-)

Kudos and respect to the person who had this idea!



I tried also with Enigmail under OS X but when checking the signatures here
from the list members i always get the blue "Untrusted Good Signature".

Did you already enable TOFU? It needs a line in your gpg.conf. Either:

trust-model tofu

or

trust-model tofu+pgp
Yes, i did that and it works fine in command-line mode which also shows 
me the statistics.


Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Am 07.06.2017 um 10:57 schrieb Peter Lebbing:


On 07/06/17 07:55, Stefan Claas wrote:

The procedure went like this: I inserted my id-card in a certified
card reader, which i purchased, startet the german certified id-card
software "AusweisApp2" to connect to the CA Server and the server
checked my id-card online and after verification send the signed
pub-key to my email address.

What prevents someone else from doing this with your ID-card? For
instance, someone with whom you live?



The ID-card is protected with a pin which i have memorized.
But good that you bring this point up! Should my ID-card get's
stolen the thief can only try thee times to guess the pin.

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 06/06/17 20:46, Charlie Jonas wrote:
> On 2017-06-06 19:12, Stefan Claas wrote:
>> I tried also with Enigmail under OS X but when checking the signatures here
>> from the list members i always get the blue "Untrusted Good Signature".
> 
> Yes I get this as well. Interestingly whatever trust level I give keys,
> Enigmail on OSX seems to want to make the bar blue regardless.

You mean with "Set Owner's Trust of Sender's Key" in Enigmail? That's
the wrong one. There's key validity and owner's trust. Key validity is
about whether you believe the key belongs to the person indicated.
Owner's trust is to what extent you trust that person to correctly
verify other people's identities.

You should sign the key to make it valid, not set its owner's trust.
It's a common misconception.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 06/06/17 20:12, Stefan Claas wrote:
> Is TOFU verifying the email address from the from: header of the message
> and then compares it with the email address in the UID?

Yes.

> I ask, because
> if i would use a free form UID with no email address

That would make it difficult.

>, or i use an Anon
> Remailer with a nym account where both email addresses are not identical.

This doesn't seem like a problem, depending on some assumptions. In the
usual case where you wouldn't want the two accounts linked to the same
person, you would use two completely separate certificates, each with
their own pseudonym with nym address.

If you don't care that peole realize they belong to the same person, you
would create two UIDs on the same key, one for each nym account.

> I just installed modern GnuPG and used it with two inline PGP messages from
> Usenet and i like it. :-)

Good to hear :-).

> I tried also with Enigmail under OS X but when checking the signatures here
> from the list members i always get the blue "Untrusted Good Signature".

Did you already enable TOFU? It needs a line in your gpg.conf. Either:

trust-model tofu

or

trust-model tofu+pgp

The latter combines it with the Web of Trust. See the manpage for more
info. gpg.conf is in your GnuPG homedir. I think this is ~/.gnupg by
default on OS X as well.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 07/06/17 07:55, Stefan Claas wrote:
> The procedure went like this: I inserted my id-card in a certified
> card reader, which i purchased, startet the german certified id-card
> software "AusweisApp2" to connect to the CA Server and the server
> checked my id-card online and after verification send the signed
> pub-key to my email address.

What prevents someone else from doing this with your ID-card? For
instance, someone with whom you live?

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Am 07.06.2017 um 08:50 schrieb Andrew Gallagher:


On 7 Jun 2017, at 06:55, Stefan Claas  wrote:

The procedure went like this: I inserted my id-card in a certified
card reader, which i purchased, startet the german certified id-card
software "AusweisApp2" to connect to the CA Server and the server
checked my id-card online and after verification send the signed
pub-key to my email address. Can this procedure be faked by
criminals etc.? I doubt it.

Everything *can* be faked, given enough time, effort and/or money. The correct 
question is *would* criminals etc go to the necessary lengths to fake this 
procedure, and the answer (as always) is: it depends on what it's worth to 
them. :-)



I have no idea how much money is made worldwide by shady companies or
bad people and what techniques for that are used on the Internet. A
public-key certified by the the way i described, assuming GnuPG would
become an accepted world wide standard in the future for digital
signatures, with frontends for Joe user average, would be a way to dry
out bad businesses. The classic WoT or TOFU does not help in this case, imo.

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Andrew Gallagher]

> On 7 Jun 2017, at 06:55, Stefan Claas  wrote:
> 
> The procedure went like this: I inserted my id-card in a certified
> card reader, which i purchased, startet the german certified id-card
> software "AusweisApp2" to connect to the CA Server and the server
> checked my id-card online and after verification send the signed
> pub-key to my email address. Can this procedure be faked by
> criminals etc.? I doubt it.

Everything *can* be faked, given enough time, effort and/or money. The correct 
question is *would* criminals etc go to the necessary lengths to fake this 
procedure, and the answer (as always) is: it depends on what it's worth to 
them. :-)

A

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 07.06.17 00:04, MFPA wrote:

>
>
> On Tuesday 6 June 2017 at 5:07:18 PM, in
> , Stefan Claas
> wrote:-
>
>
> > Therefore qualified CA's
> > in my opinion are mandatory where each user in each
> > country [may] register
> > with his/her id-card so that it's guaranteed that
> > Alice is not Eve.
>
> Assuming the users trust both the CA and the entity that issued the
> id-card.
>
Well, that's debatable. As an example:

My old pub-key had a sig3 from a well known german computer
magazine, which i believe a lot of people here in Germany would trust.
Their procedure was that you attend their booth at electronic fairs
show up with your id-card and a fillet out form, containing your data and
the pub key data. They carefully checked then the filled out form with
your id-card. So it's imo compareable with key signing parties you
attend. But who guarantees that an id-card is not fake with this
classical procedure?

My new pub-key bears a sig3 from a german CA which is run on
behalf of  our interior ministry. People may not trust our government
but the procedure how the pub-key was verified* tells me that the
sig3 issued to that person is correct.

*our new german id-card contains a chip and when you look at it
i would say this sort of modern id-card can not be faked.

The procedure went like this: I inserted my id-card in a certified
card reader, which i purchased, startet the german certified id-card
software "AusweisApp2" to connect to the CA Server and the server
checked my id-card online and after verification send the signed
pub-key to my email address. Can this procedure be faked by
criminals etc.? I doubt it.

Regards
Stefan
 




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Tuesday 6 June 2017 at 5:07:18 PM, in
, Stefan Claas
wrote:-


> Therefore qualified CA's
> in my opinion are mandatory where each user in each
> country [may] register
> with his/her id-card so that it's guaranteed that
> Alice is not Eve.

Assuming the users trust both the CA and the entity that issued the
id-card.

- --
Best regards

MFPA  

Two rights do not make a wrong. They make an airplane.
-BEGIN PGP SIGNATURE-

iNUEARYKAH0WIQQzrO1O6RNO695qhQYXErxGGvd45AUCWTcm2l8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNB
Q0VENEVFOTEzNEVFQkRFNkE4NTA2MTcxMkJDNDYxQUY3NzhFNAAKCRAXErxGGvd4
5M0bAQCxPC1qcxn5/hKvd2Acm5bCxO9czxoa6JJos3mKgooLfQD9Hn/AoaC/CJwS
61kzBoo4xFtC0caacvg0qevQelC0ywGJAZMEAQEKAH0WIQSzrn7KmoyLMCaloPVr
fHTOsx8l8AUCWTcm8F8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0QjNBRTdFQ0E5QThDOEIzMDI2QTVBMEY1NkI3
Qzc0Q0VCMzFGMjVGMAAKCRBrfHTOsx8l8B9LB/9SVOXj12DpY6urk83Skh1MgXPq
WKE44LwOUQKRuSldrWlwnf4Ox4X6chKU3qH4PjVhMFGZNC5wrAkavIesPzqLzKAy
md4tzOaFTWHRXoymG4aVGEOE/l3T9JOQLh8pYRlNDUknNbSATE6FpMF6bDXAPe/N
Jy/Hfq1Gt2QMBQWgff/tXOCUSB5rSvyCcecBqbtLB5Civ4TIQkXHJ7rHkLGzN5eL
/TsqxvcKKo54ngDJbQEu6yPH6BPiMJztaMZIBmF7c6wkHxRngtFQhVu2rJt3rlez
9BTnEIJi0jn64ZMX2XnhdRImU7BfzEKjB86hbrhirInXKwlHQ7oQqZz0dTmJ
=CPjn
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 06.06.17 20:46, Charlie Jonas wrote:
> On 2017-06-06 19:12, Stefan Claas wrote:
>> I tried also with Enigmail under OS X but when checking the signatures here
>> from the list members i always get the blue "Untrusted Good Signature".
> Yes I get this as well. Interestingly whatever trust level I give keys,
> Enigmail on OSX seems to want to make the bar blue regardless.
>
Thanks for confirming. Hopefully Ludwig still follows this thread and
can tell us why it's not working, as expected.

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Charlie Jonas]

On 2017-06-06 19:12, Stefan Claas wrote:
> I tried also with Enigmail under OS X but when checking the signatures here
> from the list members i always get the blue "Untrusted Good Signature".

Yes I get this as well. Interestingly whatever trust level I give keys,
Enigmail on OSX seems to want to make the bar blue regardless.

-- 
Charlie Jonas ch...@srcf.net

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 06.06.17 12:46, Peter Lebbing wrote:

> On 06/06/17 05:30, Duane Whitty wrote:
>> As I understand the concept of TOFU (Trust On First Use), when you
>> receive a signed email gpg tests that signature against the key
>> retrieved from the public key servers associated with the email.

> TOFU is about *consistency*. It says: this e-mail is signed by the same
> key you've seen on all the earlier messages you received from this
> e-mail address. It keeps count, and alerts you when all of a sudden you
> start receiving signatures made by a different key.

Is TOFU verifying the email address from the from: header of the message
and then compares it with the email address in the UID? I ask, because
if i would use a free form UID with no email address, or i use an Anon
Remailer with a nym account where both email addresses are not identical.
>
> Note that it can also be combined with the Web of Trust. You could use
> TOFU just to track consistency and not award validity to keys, or you
> could use TOFU to award marginal validity and obtain the remaining
> validity from, e.g., marginally trusted Web of Trust signatures.
>
> But TOFU isn't for everyone, and neither is the Web of Trust. It's your
> call.
>
> By the way, it is my feeling Stefan Claas is looking for TOFU. The
> Identicon scheme feels like TOFU with the database on external storage,
> to wit, the user's brain :). Better to store that database on disk,
> IMHO. The (only) net loss is that there is no synchronization between
> different devices.

I just installed modern GnuPG and used it with two inline PGP messages from
Usenet and i like it. :-)
>
> My Enigmail works with TOFU, although I can't see any statistics. But it
> correctly awards a green bar with "Good signature" to my TOFU-verified keys.
>
I tried also with Enigmail under OS X but when checking the signatures here
from the list members i always get the blue "Untrusted Good Signature".

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 06.06.17 18:07, Stefan Claas wrote:
> On 06.06.17 04:11, Daniel Kahn Gillmor wrote:
>> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
>>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
 what does "bullet-proof" mean, specifically? 
>>> For me it means that the idendicons should be visually easy to read
>>> and cryptographically secure. Sorry that i have no better explanation.
>> here's one way to try to frame the question: Imagine the situation as a
>> game, where you have two players on one team, "defense" named Alice and
>> Bob; Alice wants to send a message to Bob.  Another player on the
>> opposing team, "offense", is named Mallory, is trying to send a message
>> to Bob as well, but trying to trick Bob into thinking that the incoming
>> message comes from Alice.
>>
>> The way the game is played, either Alice or Mallory gets to send a
>> message.  Bob has to decide whether the message actually came from
>> Alice.  If Bob gets it right, the "defense" wins.  If Bob gets it wrong,
>> the "offense" wins.  The game is played multiple times.
>>
>> Is that the scenario you're thinking of?  If so, does the defense need
>> to win 100% of the time over thousands of games?  or is it acceptable
>> for offense to win occasionally?
>>
>> In any case question is: how much work does Mallory need to do to get
>> Bob to make a mistake?  How frequently can Mallory trick Bob into
>> accepting mail from her as though it were from Alice?  Conversely, how
>> many messages that were actually from Alice can Bob accidentally reject
>> without making Alice upset enough to give up on the entire
>> communications scheme?
>>
>>
> In old times I would say if Bob and Alice don't know each other and they
> have no clue how that particular security software works it should be that
> the second message send to one person the security software already detects
> forgeries and reports that to a person. However, with that thinking it does
> not guarantee that Bob knows that Alice is not Eve. Therefore qualified CA's
> in my opinion are mandatory where each user in each country has to register
> with his/her id-card so that it's guaranteed that Alice is not Eve.
>
> Regards
> Stefan
>
Correction... instead "has" to register "may register"...

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 06.06.17 04:11, Daniel Kahn Gillmor wrote:
> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
>>> what does "bullet-proof" mean, specifically? 
>> For me it means that the idendicons should be visually easy to read
>> and cryptographically secure. Sorry that i have no better explanation.
> here's one way to try to frame the question: Imagine the situation as a
> game, where you have two players on one team, "defense" named Alice and
> Bob; Alice wants to send a message to Bob.  Another player on the
> opposing team, "offense", is named Mallory, is trying to send a message
> to Bob as well, but trying to trick Bob into thinking that the incoming
> message comes from Alice.
>
> The way the game is played, either Alice or Mallory gets to send a
> message.  Bob has to decide whether the message actually came from
> Alice.  If Bob gets it right, the "defense" wins.  If Bob gets it wrong,
> the "offense" wins.  The game is played multiple times.
>
> Is that the scenario you're thinking of?  If so, does the defense need
> to win 100% of the time over thousands of games?  or is it acceptable
> for offense to win occasionally?
>
> In any case question is: how much work does Mallory need to do to get
> Bob to make a mistake?  How frequently can Mallory trick Bob into
> accepting mail from her as though it were from Alice?  Conversely, how
> many messages that were actually from Alice can Bob accidentally reject
> without making Alice upset enough to give up on the entire
> communications scheme?
>
>
In old times I would say if Bob and Alice don't know each other and they
have no clue how that particular security software works it should be that
the second message send to one person the security software already detects
forgeries and reports that to a person. However, with that thinking it does
not guarantee that Bob knows that Alice is not Eve. Therefore qualified CA's
in my opinion are mandatory where each user in each country has to register
with his/her id-card so that it's guaranteed that Alice is not Eve.

Regards
Stefan







___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Peter Lebbing]

On 06/06/17 05:30, Duane Whitty wrote:
> As I understand the concept of TOFU (Trust On First Use), when you
> receive a signed email gpg tests that signature against the key
> retrieved from the public key servers associated with the email.

TOFU is about *consistency*. It says: this e-mail is signed by the same
key you've seen on all the earlier messages you received from this
e-mail address. It keeps count, and alerts you when all of a sudden you
start receiving signatures made by a different key.

Note that it can also be combined with the Web of Trust. You could use
TOFU just to track consistency and not award validity to keys, or you
could use TOFU to award marginal validity and obtain the remaining
validity from, e.g., marginally trusted Web of Trust signatures.

But TOFU isn't for everyone, and neither is the Web of Trust. It's your
call.

By the way, it is my feeling Stefan Claas is looking for TOFU. The
Identicon scheme feels like TOFU with the database on external storage,
to wit, the user's brain :). Better to store that database on disk,
IMHO. The (only) net loss is that there is no synchronization between
different devices.

My Enigmail works with TOFU, although I can't see any statistics. But it
correctly awards a green bar with "Good signature" to my TOFU-verified keys.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Duane Whitty]

On 17-06-05 11:11 PM, Daniel Kahn Gillmor wrote:
> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
>>> what does "bullet-proof" mean, specifically? 
>>
>> For me it means that the idendicons should be visually easy to read
>> and cryptographically secure. Sorry that i have no better explanation.
> 
> here's one way to try to frame the question: Imagine the situation as a
> game, where you have two players on one team, "defense" named Alice and
> Bob; Alice wants to send a message to Bob.  Another player on the
> opposing team, "offense", is named Mallory, is trying to send a message
> to Bob as well, but trying to trick Bob into thinking that the incoming
> message comes from Alice.
> 
> The way the game is played, either Alice or Mallory gets to send a
> message.  Bob has to decide whether the message actually came from
> Alice.  If Bob gets it right, the "defense" wins.  If Bob gets it wrong,
> the "offense" wins.  The game is played multiple times.
> 
> Is that the scenario you're thinking of?  If so, does the defense need
> to win 100% of the time over thousands of games?  or is it acceptable
> for offense to win occasionally?
> 
> In any case question is: how much work does Mallory need to do to get
> Bob to make a mistake?  How frequently can Mallory trick Bob into
> accepting mail from her as though it were from Alice?  Conversely, how
> many messages that were actually from Alice can Bob accidentally reject
> without making Alice upset enough to give up on the entire
> communications scheme?
> 
> When you frame the problem this way, you can start thinking more
> concretely about what "bulletproof" means, and you can actually design
> user trials to test proposals.
> 
> There are probably other ways to concretize the problem, this is just
> one that i've come up with.  But without a concrete way to understand
> what we're looking for, words like "bullet proof" or "easy to read" or
> "cryptographically secure" are tough to get people to agree on.
> 
> I suspect (as discussed upthread) that TOFU will have better metrics for
> "defense" at the game described above than any attempt that involves
> asking people to visually distinguish deterministically-generated
> identicons.  But i don't know, because i haven't tested it.
> 
>--dkg
> 

Excellent scenario and explanation Daniel, thank you!  I firmly believe
your suspicions regarding identicons will be fully shown accurate.

However, I am having difficulty following how TOFU would/could provide
better metrics for the "defense" side of the game.  As I understand the
concept of TOFU (Trust On First Use), when you receive a signed email
gpg tests that signature against the key retrieved from the public key
servers associated with the email.

To me this says nothing about whether you are actually communicating
with who you think you are communicating with.  It justs says "Yes, the
signature on the email you received was generated by the same key
associated with that email address on the public key servers."

This is not enough to convince me I am communicating with someone I
know.  For instance, I have not imported even one of the many keys I
receive from emails to this mailing list into my keyring because there
is no trust there.  And when I move to gpg 2.1 I will make certain that
TOFU is not enabled.

I think TOFU could potentially be a win for Mallory.  TOFU may make
people more likely to take for granted that they are communicating with
a trusted party because the email they received says it's someone they
trust and GPG says it's a good signature from al...@example.com.

The problem with this is that they never communicated with Alice to
learn her email address is actually al...@trustme.com.

My personal opinion, for whatever that is worth, is that TOFU is going
to have people sending signed/encrypted email back and forth to each
other without them having done the work to ensure they are actually
communicating with their intended parties.  Trust takes work.

Once the work on establishing identities has been done and trust has
been established there is no need to remember keys because the key will
be locally associated with the email address belonging to the trusted
party you wish to communicate with.

Best Regards,
Duane

-- 
Duane Whitty
du...@nofroth.com



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Daniel Kahn Gillmor]

On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
>> what does "bullet-proof" mean, specifically? 
>
> For me it means that the idendicons should be visually easy to read
> and cryptographically secure. Sorry that i have no better explanation.

here's one way to try to frame the question: Imagine the situation as a
game, where you have two players on one team, "defense" named Alice and
Bob; Alice wants to send a message to Bob.  Another player on the
opposing team, "offense", is named Mallory, is trying to send a message
to Bob as well, but trying to trick Bob into thinking that the incoming
message comes from Alice.

The way the game is played, either Alice or Mallory gets to send a
message.  Bob has to decide whether the message actually came from
Alice.  If Bob gets it right, the "defense" wins.  If Bob gets it wrong,
the "offense" wins.  The game is played multiple times.

Is that the scenario you're thinking of?  If so, does the defense need
to win 100% of the time over thousands of games?  or is it acceptable
for offense to win occasionally?

In any case question is: how much work does Mallory need to do to get
Bob to make a mistake?  How frequently can Mallory trick Bob into
accepting mail from her as though it were from Alice?  Conversely, how
many messages that were actually from Alice can Bob accidentally reject
without making Alice upset enough to give up on the entire
communications scheme?

When you frame the problem this way, you can start thinking more
concretely about what "bulletproof" means, and you can actually design
user trials to test proposals.

There are probably other ways to concretize the problem, this is just
one that i've come up with.  But without a concrete way to understand
what we're looking for, words like "bullet proof" or "easy to read" or
"cryptographically secure" are tough to get people to agree on.

I suspect (as discussed upthread) that TOFU will have better metrics for
"defense" at the game described above than any attempt that involves
asking people to visually distinguish deterministically-generated
identicons.  But i don't know, because i haven't tested it.

   --dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
> On Mon 2017-06-05 16:22:26 +0200, Stefan Claas wrote:
>>>  * in the "distinguishing" model, it's not clear that any of the schemes
>>>i've seen are actually better for most humans against a dedicated
>>>attacker who crafts fingerprints to make visual identities that look
>>>similar.  do you have any studies showing this capability against a
>>>motivated and technically capable attacker?
>> No, of course i have not. My thoughts as a not so-skilled GnuPG user
>> would be that it helps users detecting (assuming it's bullet-proof)
> what does "bullet-proof" mean, specifically?  I ask this not for
> pedantry's sake, but because clearly stating the problem makes it
> possible to know whether a specific solution is applicable.
For me it means that the idendicons should be visually easy to read
and cryptographically secure. Sorry that i have no better explanation.
>
>> a proper key from a fake key more easily if they have not yet signed
>> (locally) a public key while they already exchanged a couple of
>> emails.  I can speak only of Thunderbird/Enigmail wich i use now. It
>> gives a user the usual "Untrusted Good Signatur" and i have to click
>> also on the Details button to carefully verify the fingerprint from an
>> addional list to see if the key belongs to the person the signature
>> claims. An additional visual fingerprint would make that proccess for
>> me easier, if it's bullet-proof.
> It sounds to me like you're saying that you find the key verification
> and certification steps as implemented by enigmail to be
> difficult-to-use.  You wouldn't be the only person who has that
> impression.
>
> But i don't see how a graphical icon solves that problem.  Isn't it a
> workflow problem, and not a visual-comparison problem?  If there's a
> standard thing (comparison, lookup, verification) you expect to be able
> to do with the tool, the tool should make that thing easy and simple to
> do.
>
> What specifically is the thing that you're trying to do when you click
> "Details" and verify the fingerprint (from what list?)?  Enigmail itself
> can compare fingerprints far better than you or i can, even if there is
> a graphical representation involved :) Maybe there's a different
> question or different interface Enigmail ought to offer in the "Details"
> view entirely?
Well, in the past, before i started using this email combination i
used web based email accounts copy and pasted the message into
a text editor and had no auto key retrival and looked up WWW
key servers to download the required key to verify the sig. I had
not often communications back then. So this was an acceptable
workflow for me.

With the current set-up it's all automatic and my understanding is
that in case i would receive a fake message my set-up would download
the fake key, display it as "Untrusted Good Signature" too, because i
have not yet locally signed the key. Therefore i click details to see the
fingerprint (which i can't memorizy) and look it up again. Maybe, as
casual user who never used this set-up before, i make a fundamentally
mistake in understanding of how the auto retrieve and verify function
works. I mean why is a Details button there to see a fingerprint which
i believe nobody can memorize in the first place? It must serve a purpose,
or not?

>>> I'd generally think that if you're looking for a tool to help people
>>> remember and recognize keys that they've seen before, then a mail user
>>> agent is in a great position to do exactly that: just tell the user
>>> explicitly what they've seen before, how often, etc.  why depend on the
>>> human visual cortex or on human ability for numeric recall?
>> I could imagine that Joe user average may not always look at mail headers
>> very carefully for a little typo in the from: or reply-to: header in his
>> mail client or web-mailer.
> i agree with you that users won't look at mail headers closely, which is
> why the e-mail client (the "mail user agent", or MUA) should be the
> thing to do the comparison, and to make it very clear to the user when
> something is amiss.  But that still doesn't answer the question of what
> the MUA should actually be trying to compare and what results it should
> be highlighting.
>
For me a MUA is passive and happily accepts what he receives, whether it's
correct content or not, so i can't answer that question, sorry.

Regards
Stefan
 




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Daniel Kahn Gillmor]

On Mon 2017-06-05 16:22:26 +0200, Stefan Claas wrote:
>>  * in the "distinguishing" model, it's not clear that any of the schemes
>>i've seen are actually better for most humans against a dedicated
>>attacker who crafts fingerprints to make visual identities that look
>>similar.  do you have any studies showing this capability against a
>>motivated and technically capable attacker?
>
> No, of course i have not. My thoughts as a not so-skilled GnuPG user
> would be that it helps users detecting (assuming it's bullet-proof)

what does "bullet-proof" mean, specifically?  I ask this not for
pedantry's sake, but because clearly stating the problem makes it
possible to know whether a specific solution is applicable.

> a proper key from a fake key more easily if they have not yet signed
> (locally) a public key while they already exchanged a couple of
> emails.  I can speak only of Thunderbird/Enigmail wich i use now. It
> gives a user the usual "Untrusted Good Signatur" and i have to click
> also on the Details button to carefully verify the fingerprint from an
> addional list to see if the key belongs to the person the signature
> claims. An additional visual fingerprint would make that proccess for
> me easier, if it's bullet-proof.

It sounds to me like you're saying that you find the key verification
and certification steps as implemented by enigmail to be
difficult-to-use.  You wouldn't be the only person who has that
impression.

But i don't see how a graphical icon solves that problem.  Isn't it a
workflow problem, and not a visual-comparison problem?  If there's a
standard thing (comparison, lookup, verification) you expect to be able
to do with the tool, the tool should make that thing easy and simple to
do.

What specifically is the thing that you're trying to do when you click
"Details" and verify the fingerprint (from what list?)?  Enigmail itself
can compare fingerprints far better than you or i can, even if there is
a graphical representation involved :) Maybe there's a different
question or different interface Enigmail ought to offer in the "Details"
view entirely?

>> I'd generally think that if you're looking for a tool to help people
>> remember and recognize keys that they've seen before, then a mail user
>> agent is in a great position to do exactly that: just tell the user
>> explicitly what they've seen before, how often, etc.  why depend on the
>> human visual cortex or on human ability for numeric recall?
>
> I could imagine that Joe user average may not always look at mail headers
> very carefully for a little typo in the from: or reply-to: header in his
> mail client or web-mailer.

i agree with you that users won't look at mail headers closely, which is
why the e-mail client (the "mail user agent", or MUA) should be the
thing to do the comparison, and to make it very clear to the user when
something is amiss.  But that still doesn't answer the question of what
the MUA should actually be trying to compare and what results it should
be highlighting.

   --dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 05.06.17 17:40, Stefan Claas wrote:
> And another thought, since this thread says "app developers". How would
> services like StartMail, ProtonMail or gmx.de for example handle this...?
>
> If i remember correctly users have not the possibillity to sign someone
> elses pub-key when they both use the same service. If someone gains
> unauthorized access to one account and use his own fake pub key...?!
>
Appologies to all, i had a brain fart with this unauthorized access
sentence and
a fake pub key.

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 05.06.17 16:22, Stefan Claas wrote:
> On 04.06.17 22:20, Daniel Kahn Gillmor wrote:
>
>> I'd generally think that if you're looking for a tool to help people
>> remember and recognize keys that they've seen before, then a mail user
>> agent is in a great position to do exactly that: just tell the user
>> explicitly what they've seen before, how often, etc.  why depend on the
>> human visual cortex or on human ability for numeric recall?
> I could imagine that Joe user average may not always look at mail headers
> very carefully for a little typo in the from: or reply-to: header in his
> mail client or web-mailer.
And another thought, since this thread says "app developers". How would
services like StartMail, ProtonMail or gmx.de for example handle this...?

If i remember correctly users have not the possibillity to sign someone
elses pub-key when they both use the same service. If someone gains
unauthorized access to one account and use his own fake pub key...?!

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 22:20, Daniel Kahn Gillmor wrote:

> Hi Stefan--
>
> I think you're asking about two sort of different things.
>
> on the one hand, you're asserting that the 32-bit keyid isn't sufficient
> for any sort of cryptographic verification.  that's absolutely correct,
> and enigmail really shouldn't be exposing the 32-bit keyID to humans
> where it can avoid doing so.  I've written more about this here:
>
>   https://debian-administration.org/users/dkg/weblog/105

Very good article Daniel i will re-read and save it as reference
and let other people know about it.


> You're also asking about graphical representations of the cryptographic
> identity -- a graphical representation of a fingerprint, basically.
> The community has seen several different proposals of graphical
> fingerprint representations in the past, and every one i've seen
> gets stuck when faced with the hard questions.  In particular:
>
>  * is the goal *recognition* of the fingerprint (i.e. "does this
>fingerprint look sufficiently similar to the one i've seen in the
>past for me to remember it?"), or is the goal *distinguishing* from a
>maliciously-crafted fingerprint (i.e. "am i certain that this
>fingerprint is an exact match of one that i expect to see from the
>peer who i think should have been signing this e-mail?")
>
>  * In the "recognition" model, it's not clear that any
>cryptographically-strong guarantees are made to the user.  So why tie
>the visual identity to the cryptographic identity if we think it's
>spoofable?
>
>  * in the "distinguishing" model, it's not clear that any of the schemes
>i've seen are actually better for most humans against a dedicated
>attacker who crafts fingerprints to make visual identities that look
>similar.  do you have any studies showing this capability against a
>motivated and technically capable attacker?

No, of course i have not. My thoughts as a not so-skilled GnuPG user
would be that it helps users detecting (assuming it's bullet-proof) a
proper key from a fake key more easily if they have not yet signed
(locally) a public key while they already exchanged a couple of emails.
I can speak only of Thunderbird/Enigmail wich i use now. It gives a
user the usual "Untrusted Good Signatur" and i have to click also on
the Details button to carefully verify the fingerprint from an addional
list to see if the key belongs to the person the signature claims. An
additional visual fingerprint would make that proccess for me easier,
if it's bullet-proof.

> I'd generally think that if you're looking for a tool to help people
> remember and recognize keys that they've seen before, then a mail user
> agent is in a great position to do exactly that: just tell the user
> explicitly what they've seen before, how often, etc.  why depend on the
> human visual cortex or on human ability for numeric recall?

I could imagine that Joe user average may not always look at mail headers
very carefully for a little typo in the from: or reply-to: header in his
mail client or web-mailer.

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Daniel Kahn Gillmor]

Hi Stefan--

I think you're asking about two sort of different things.

on the one hand, you're asserting that the 32-bit keyid isn't sufficient
for any sort of cryptographic verification.  that's absolutely correct,
and enigmail really shouldn't be exposing the 32-bit keyID to humans
where it can avoid doing so.  I've written more about this here:

  https://debian-administration.org/users/dkg/weblog/105

You're also asking about graphical representations of the cryptographic
identity -- a graphical representation of a fingerprint, basically.
The community has seen several different proposals of graphical
fingerprint representations in the past, and every one i've seen
gets stuck when faced with the hard questions.  In particular:

 * is the goal *recognition* of the fingerprint (i.e. "does this
   fingerprint look sufficiently similar to the one i've seen in the
   past for me to remember it?"), or is the goal *distinguishing* from a
   maliciously-crafted fingerprint (i.e. "am i certain that this
   fingerprint is an exact match of one that i expect to see from the
   peer who i think should have been signing this e-mail?")

 * In the "recognition" model, it's not clear that any
   cryptographically-strong guarantees are made to the user.  So why tie
   the visual identity to the cryptographic identity if we think it's
   spoofable?

 * in the "distinguishing" model, it's not clear that any of the schemes
   i've seen are actually better for most humans against a dedicated
   attacker who crafts fingerprints to make visual identities that look
   similar.  do you have any studies showing this capability against a
   motivated and technically capable attacker?

I'd generally think that if you're looking for a tool to help people
remember and recognize keys that they've seen before, then a mail user
agent is in a great position to do exactly that: just tell the user
explicitly what they've seen before, how often, etc.  why depend on the
human visual cortex or on human ability for numeric recall?

  --dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 05.06.17 01:05, Ben McGinnes wrote:
> On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote:
>> I'm not yet familar with the TOFU model, but if it helps to spot a
>> fake pub key imediately, in addition to the regular trust-model i
>> see no reason why not.
> That's pretty much exactly what it does.
>
> TOFU stands for Trust On First Use, so even if a key is not explicitly
> trusted or signed, GPG will maintain a record of the number of times a
> signed message has been seen from it, associated user IDs and email
> addresses and so on.  It will also report discrepancies.  It's pretty
> much how most people had been unofficially handling things anyway in
> order to favour encryption even with unknown parties.
>
> It is, of course, another reason why people tend not to look back
> after switching to GPG 2.1.
>

Thank you very much for your explanation! This sounds excellent!
Hope i can see this soon in GPGTools implemented too.

Regards
Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Ben McGinnes]

On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote:
>
> I'm not yet familar with the TOFU model, but if it helps to spot a
> fake pub key imediately, in addition to the regular trust-model i
> see no reason why not.

That's pretty much exactly what it does.

TOFU stands for Trust On First Use, so even if a key is not explicitly
trusted or signed, GPG will maintain a record of the number of times a
signed message has been seen from it, associated user IDs and email
addresses and so on.  It will also report discrepancies.  It's pretty
much how most people had been unofficially handling things anyway in
order to favour encryption even with unknown parties.

It is, of course, another reason why people tend not to look back
after switching to GPG 2.1.


Regards,
Ben


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Ben McGinnes]

On Sun, Jun 04, 2017 at 08:29:31PM +0200, Kristian Fiskerstrand wrote:
> On 06/04/2017 11:21 AM, Stefan Claas wrote:
>
>> The reason why i ask, i started to use Thunderbird with Enigmail
>> and Enigmail shows me always Untrusted Good Signature with a 32bit
>> key ID, when i have not carefully verified the persons pub key and
>> --lsign'ed the pub-key. Showing only the long key id or the
>> complete fingerprint is imho more difficult to quickly memorize
>> than an additionial shown identicon (computed from the
>> fingerprint).
> 
> I'm likely missing something there, but if having a reasonable
> assurance the public keyblock in question should likely be lsigned
> by a local CAkey anyways? Doing a manual graphical verification
> doesn't seem to provide anythin in terms of security here.


It's got nothing to do with security and everything to do with
providing a unique generated icon for each key so an end user can
personally identify the correct key based on coloured shapes instead
of a hexadecimal string.  Which is why I called it Gravatar for GPG.

It's not the sort of thing that should be in GPG itself, but there's
nothing stopping anyone from incorporating that kind of feature into a
key management tool.


Regards,
Ben


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 22:32, Kristian Fiskerstrand wrote:

> On 06/04/2017 10:25 PM, Stefan Claas wrote:
>> With Thunderbird/Enigmail (i can't speak for other apps) a user new to GnuPG
>> and and not savvy with checking email headers and not carefully checking the
>> fingerprint (he must click addionally on the Details button) and who has
>> never
>> signed a public key before would in my opinion have it easier if he would be
>> presented with an additional visual fingerprint imho, because he would
>> imediately
>> spot after the second email if the pub-key, he not yet lsigned, that
>> there is
>> something wrong.
>>
>> If the visual fingerprint would be bullet-proof it would not hurt to
>> implement
>> such a feature, imho.
> Any talk about visual inspection of consistency in fingerprint seems
> like an implementation of a TOFU model rather than an actual trust
> model? So instead of doing a manual visual inspection, you'd want the
> tofu model in gpg 2.1?
>
I'm not yet familar with the TOFU model, but if it helps to spot a fake
pub key imediately, in addition to the regular trust-model i see no
reason why not.

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Kristian Fiskerstrand]

On 06/04/2017 10:25 PM, Stefan Claas wrote:
> With Thunderbird/Enigmail (i can't speak for other apps) a user new to GnuPG
> and and not savvy with checking email headers and not carefully checking the
> fingerprint (he must click addionally on the Details button) and who has
> never
> signed a public key before would in my opinion have it easier if he would be
> presented with an additional visual fingerprint imho, because he would
> imediately
> spot after the second email if the pub-key, he not yet lsigned, that
> there is
> something wrong.
> 
> If the visual fingerprint would be bullet-proof it would not hurt to
> implement
> such a feature, imho.

Any talk about visual inspection of consistency in fingerprint seems
like an implementation of a TOFU model rather than an actual trust
model? So instead of doing a manual visual inspection, you'd want the
tofu model in gpg 2.1?

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

"Action is the foundational key to all success"
(Pablo Picasso)



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 20:29, Kristian Fiskerstrand wrote:
> On 06/04/2017 11:21 AM, Stefan Claas wrote:
>> The reason why i ask, i started to use Thunderbird with Enigmail and
>> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
>> when i have not carefully verified the persons pub key and --lsign'ed
>> the pub-key. Showing only the long key id or the complete fingerprint
>> is imho more difficult to quickly memorize than an additionial shown
>> identicon (computed from the fingerprint).
> I'm likely missing something there, but if having a reasonable assurance
> the public keyblock in question should likely be lsigned by a local
> CAkey anyways? Doing a manual graphical verification doesn't seem to
> provide anythin in terms of security here.
>
Call me stupid, i use(d) GnuPG not to much and i'm not a pro user like
many here on the list. But when i receive(d) a signed message the first
time,
from a user completey unknown to me i did not lsign his/her key. Instead i
verified always the fingerprint and the email headers a couple of times.

With Thunderbird/Enigmail (i can't speak for other apps) a user new to GnuPG
and and not savvy with checking email headers and not carefully checking the
fingerprint (he must click addionally on the Details button) and who has
never
signed a public key before would in my opinion have it easier if he would be
presented with an additional visual fingerprint imho, because he would
imediately
spot after the second email if the pub-key, he not yet lsigned, that
there is
something wrong.

If the visual fingerprint would be bullet-proof it would not hurt to
implement
such a feature, imho.

Hope that my suggestion is not to naive or to stupid!

Regards
Stefan


 


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Kristian Fiskerstrand]

On 06/04/2017 11:21 AM, Stefan Claas wrote:
> The reason why i ask, i started to use Thunderbird with Enigmail and
> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
> when i have not carefully verified the persons pub key and --lsign'ed
> the pub-key. Showing only the long key id or the complete fingerprint
> is imho more difficult to quickly memorize than an additionial shown
> identicon (computed from the fingerprint).

I'm likely missing something there, but if having a reasonable assurance
the public keyblock in question should likely be lsigned by a local
CAkey anyways? Doing a manual graphical verification doesn't seem to
provide anythin in terms of security here.

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Bene diagnoscitur, bene curatur
Something that is well diagnosed can be cured well



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 13:19, Ludwig Hügelschäfer wrote:
> On 04.06.17 12:39, Stefan Claas wrote:
>> On 04.06.17 11:50, Ben McGinnes wrote:
> (...)
>
>>> then add "keyid-format 0xLONG" to your gpg.conf file.
>>>
>> I did that, but Enigmail still shows me the short key-id. :-(
> The next major version of Enigmail will show long keyIds everywhere.
>
Oh, that's good news! :-) Much appreciated!

Regards
Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Ludwig Hügelschäfer]

On 04.06.17 12:39, Stefan Claas wrote:
> On 04.06.17 11:50, Ben McGinnes wrote:

(...)

>> then add "keyid-format 0xLONG" to your gpg.conf file.
>> 
> I did that, but Enigmail still shows me the short key-id. :-(

The next major version of Enigmail will show long keyIds everywhere.

Ludwig



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 12:50, Robert J. Hansen wrote:
>> P.S. With scallion it took me only seconds/or a minute to generate
>> a fake pub-key with the same 32bit key id, on my old notebook.
> The question then becomes how hard it would be to forge a qidenticon.
> There's not a whole lot of entropy there.
I'm no cryptographer nor a programmer, but i think a visiualisation
of a fingerprint could be helpful, if it's bullet-proof.

Here's an image i run with the example go code provided. I replaced
the word "text" in the sample code with "0x"etc. and in the second
image with "0x1000"etc.

http://img5.fotos-hochladen.net/uploads/visualfingerprp9ohtdmbkr.png

Regards
Stefan




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Robert J. Hansen]

> P.S. With scallion it took me only seconds/or a minute to generate
> a fake pub-key with the same 32bit key id, on my old notebook.

The question then becomes how hard it would be to forge a qidenticon.
There's not a whole lot of entropy there.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

On 04.06.17 11:50, Ben McGinnes wrote:

> On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote:
>> The reason why i ask, i started to use Thunderbird with Enigmail and
>> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
>> when i have not carefully verified the persons pub key and --lsign'ed
>> the pub-key. Showing only the long key id or the complete fingerprint
>> is imho more difficult to quickly memorize than an additionial shown
>> identicon (computed from the fingerprint).
> You shouldn't need to memorise it.  In Enigmail you can create rules
> for addresses to link to preferred keys, as well as set whether or not
> to encrypt all messages or just sign and so on.  Most MUAs which
> support GPG provide some method of doing this and GPG itself supports
> that function with group lists in the gpg.conf file.

 Thank you for the information, i will check it out.
>
> If the version of GPG you have installed supports it, you should
> probably add this to your gpg.conf:
>
> trust-model tofu+pgp
> tofu-default-policy unknown
>
> That will gradually build a more practical web-of-trust which keeps
> track of seen keys for you.

 I use GPGTools and therefore can't use it yet.
>
>> P.S. With scallion it took me only seconds/or a minute to generate
>> a fake pub-key with the same 32bit key id, on my old notebook.
> Yes, this has been possible for a long time now.  Most people use a
> 64-bit view for that reason.  This is now the default view in GPG 2.1,
> along with displaying the full finterprint.  If you do not have GPG
> 2.1.x installed, such as if you're using GPGTools on OS X or GPG4Win,
> then add "keyid-format 0xLONG" to your gpg.conf file.
>
I did that, but Enigmail still shows me the short key-id. :-(

Regards
Stefan



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question for app developers, like Enigmail etc. - Identicons

[Ben McGinnes]

On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote:
> Hi,
> 
> i like to ask application developers if it's possible to implement,
> in the future, identicons like for example Bitmessage has?
> 
> https://github.com/jakobvarmose/go-qidenticon

It's possible, but it's highly unlikely that anyone would bother
creating what is essentially Gravatar for GPG.

Especially since the protocol already supports key owners including a
pictrure with their key.  Most people don't do that either.

> The reason why i ask, i started to use Thunderbird with Enigmail and
> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
> when i have not carefully verified the persons pub key and --lsign'ed
> the pub-key. Showing only the long key id or the complete fingerprint
> is imho more difficult to quickly memorize than an additionial shown
> identicon (computed from the fingerprint).

You shouldn't need to memorise it.  In Enigmail you can create rules
for addresses to link to preferred keys, as well as set whether or not
to encrypt all messages or just sign and so on.  Most MUAs which
support GPG provide some method of doing this and GPG itself supports
that function with group lists in the gpg.conf file.

If the version of GPG you have installed supports it, you should
probably add this to your gpg.conf:

trust-model tofu+pgp
tofu-default-policy unknown

That will gradually build a more practical web-of-trust which keeps
track of seen keys for you.

> P.S. With scallion it took me only seconds/or a minute to generate
> a fake pub-key with the same 32bit key id, on my old notebook.

Yes, this has been possible for a long time now.  Most people use a
64-bit view for that reason.  This is now the default view in GPG 2.1,
along with displaying the full finterprint.  If you do not have GPG
2.1.x installed, such as if you're using GPGTools on OS X or GPG4Win,
then add "keyid-format 0xLONG" to your gpg.conf file.


Regards,
Ben


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Question for app developers, like Enigmail etc. - Identicons

[Stefan Claas]

Hi,

i like to ask application developers if it's possible to implement,
in the future, identicons like for example Bitmessage has?

https://github.com/jakobvarmose/go-qidenticon

The reason why i ask, i started to use Thunderbird with Enigmail and
Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
when i have not carefully verified the persons pub key and --lsign'ed
the pub-key. Showing only the long key id or the complete fingerprint
is imho more difficult to quickly memorize than an additionial shown
identicon (computed from the fingerprint).

P.S. With scallion it took me only seconds/or a minute to generate
a fake pub-key with the same 32bit key id, on my old notebook.

Regards
Stefan


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users