On 2015-07-29 18:24, n...@enigmail.net wrote: > So, could somebody explain in a bit more detail how a PoW approach works? >
As far as I understand it, for any key that you have - regardless whether you have access to the mail address in the uid - you can add some signature where anyone with the public key can quickly check that the person that posesses the private key has spent a specific amount of computing power (p.e., 1 week with an average PC) to create this signature. It is hard to create the signature (impossible without the private key, a lot of computing power with it) but easy to check. Essentially, you create the possibility to make a key 'premium' by spending this time and hope that trolls who flood the keyservers with fake keys will be deterred by the costs. Anyone who does not have any problem with trolls can of course still upload a non-premium key. I myself find the idea not so appealling. I would not like it if after creating a key my machine had high CPU load for a couple of weeks. And I doubt that many trolls will be deterred by it - the number of fake keys per time interval will go down, but since they are anyhow going out of their way to create problems for others without any gain for themselves, I think a significant portion will still do it even if it costs more. I rather like the idea of servers that offer to sign your key (or rather a specific UID) and send it to your email, encrypted to you. For the user this just means that if he has the problem of trolls using his address he has to send his key to such a server or upload it in a webinterface, then receive the mail, decrypt it and import the contained signatures to his key, and optionally upload his new key to a keyserver - with enigmail, for example, everything done within a few clicks. Anyone who looks for a key to a specific mail address on a keyserver will probably, when faced with multiple results, take the one that has most signatures (and isn't expired) - especially if some of the signatures are from email-verification-sounding hostnames. Therefore, there is no necessity to create a whitelist of servers (but it can be done, if a user decides to trust signatures of a specific server) and it is still decentralized - anyone can set up such a verification server. Of course with a lot of effort, a troll could still try to create a complete fake network and cross-sign different keys. But here the amount of work to be done for a troll is much bigger than that for a genuine user, so hopefully it will not be a problem. It would also be possible to check for known services if the signature is actually theirs (by checking the key with that on the homepage or something like that), but of course it should have been possible to do that with the original recipient already... These signatures should expire after a year or so, so keys where the owner no longer has acces to the private key will loose these signatures after a while. I myself have two older keys from early experiments (where I did not specify an expiry date) uploaded to the keyserver network, but I guess anyone who looks me up will take my current key, because it has much more subkeys (which I now change every year) and also some signatures. Now that I think about it - if I search for the original author of the c't article (j...@ct.de), who complained about getting mails that were encrypted to some fake key, I would assume that the keys 38EA4970 and E1374764 are both genuine, because they both have not only selfsigs. BTW, they are both signed by different keys with the UID 'pg...@ct.heise.de', so they already have a similar service in place - of course I had to do a websearch to find if these keys are genuine, which should probably be easier. I guess ideally the UID would contain a weblink to a page that has the fingerprint and describes the service shortly. Regards, Viktor
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
