On 28.07.15 16:46, Ingo Klöcker wrote:
> On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote:
>> Hi Ingo,
>>
>> On 27.07.15 16:31, Ingo Klöcker wrote:
(...)
>> Why should there not be a similar community approach for setting
>> up a (smaller) network of validating key server proxies.
>
> Well, the keyservers do not make any claims with regard to the
> authenticity or the integrity of the keys. Those checks are left to
> the clients. I do not have to trust any of the keyservers.
>
> The validating key server proxies claim validity of the UIDs (to a
> certain degree). I can see myself marking such a proxy as trusted
> by adding it to my gnupg.conf (or to KMail's configuration). But I
> cannot see myself adding such a proxy to the whitelist that's
> shipped with KMail.
>
> Another problem I see with whitelist management is revocation in
> case the validation key of a validating proxy is compromised.
> Again, for the CA certificate bundles that's handled by the
> distributors and not by individual application developers.

Let's concentrate on this one, I think this is the real tough task:
establishing a trust chain from the validating servers to the client.

There's one root certificate, signing the individual proxy
certificates. Each individual proxy has a certificate it is using for
creating the validating signatures. Each client only needs to have the
root certificate built in. If it encounters a validation proxy's
certificate, it will download it.

If a proxy certificate is known compromised, the signature from the
root certificate is revoked. If the root certificate is compromised
(and revoked), the scheme will require new client versions with a new
root certificate built in. The client itself must refresh the root
certificate and all downloaded proxy certificates regularly.

This all requires a very small group of maintainers for the root
certificate (2 or 3 people), issuing and revoking signatures for
proxy certificates. The client authors will need to have a trust chain
to at least one root certificate maintainer. This is also true for the
proxy maintainers.

This is my view of the problem :-)

Ludwig

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
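
The client-side decision implied by the scheme in the message above, as an added example that is not part of the original post or of GnuPG/KMail. Toy textbook RSA over fixed Mersenne primes stands in for OpenPGP signatures; the `certify:`/`revoke:` statement formats, the 7-day refresh window and all function and variable names are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent of the toy keys

def keypair(p, q):
    """Textbook RSA from two fixed primes -> (n, d). Illustration only, not secure."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
def sign(msg, n, d):
    return pow(digest(msg, n), d, n)
def verify(msg, sig, n):
    return pow(sig, E, n) == digest(msg, n)

def cert_msg(proxy_n):    # statement the root signs to certify a proxy key (assumed format)
    return b"certify:%d" % proxy_n
def revoke_msg(proxy_n):  # statement the root signs to withdraw that certification
    return b"revoke:%d" % proxy_n

MAX_AGE = 7 * 86400  # assumed refresh interval; the post only says "regularly"

def check_validation(root_n, root_revoked, revocations, last_refresh, now,
                     proxy_n, cert_sig, uid_blob, val_sig):
    """Client-side decision on one proxy validation signature -> (ok, reason)."""
    if root_revoked:
        return False, "root revoked: client release with a new root required"
    if now - last_refresh > MAX_AGE:
        return False, "stale: refresh root and proxy certificates first"
    if not verify(cert_msg(proxy_n), cert_sig, root_n):
        return False, "proxy certificate not signed by the built-in root"
    # Only revocations the root itself signed are honoured.
    if any(n == proxy_n and verify(revoke_msg(n), s, root_n) for n, s in revocations):
        return False, "root revoked its signature on this proxy"
    if not verify(uid_blob, val_sig, proxy_n):
        return False, "validation signature not made by this proxy"
    return True, "accepted via root -> proxy chain"

# Constructed sample data: Mersenne primes as toy key material.
ROOT_N, ROOT_D = keypair(2**89 - 1, 2**107 - 1)
PROXY_N, PROXY_D = keypair(2**61 - 1, 2**127 - 1)
CERT = sign(cert_msg(PROXY_N), ROOT_N, ROOT_D)    # root certifies the proxy
UID = b"constructed-key-blob|alice@example.org"    # key + UID the proxy checked
VAL = sign(UID, PROXY_N, PROXY_D)                   # proxy's validating signature
REVOKED = [(PROXY_N, sign(revoke_msg(PROXY_N), ROOT_N, ROOT_D))]

if __name__ == "__main__":
    print(check_validation(ROOT_N, False, REVOKED, 0, 3600, PROXY_N, CERT, UID, VAL))
```

The order of the checks matters: a revocation entry is honoured only after its own signature verifies against the built-in root, so a party without the root key cannot knock a proxy out of the chain by injecting revocations.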