Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 13/03/11 7:22 AM, Robert J. Hansen wrote: > On 3/12/2011 1:05 PM, MFPA wrote: >> How does the WoT idea require me to know the names or email addresses >> associated with the keys in the trust path? The text strings in User >> IDs do not feature in the trust calculation. > > Yes, in fact, they do. > > In my past, there's an ex-CEO whom I'll just call "Ben." I wish you hadn't. ;) > Ben made some really astonishingly bad decisions that put him in > prison for eighteen months, and left me with a permanent distrust > for him. If I see Frank has signed Ben's certificate, and I trust > Frank, am I going to trust Ben? > > Of course not. I wouldn't trust him either. Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
Ben McGinnes wrote: > On 12/03/11 6:26 PM, John Clizbe wrote: >> >> That's the SKS implementation of the key database. On top of the >> keys, there are several other tables. Within each table there is >> also empty space, most commonly space left at the end of a page. >> >> The present size of just the raw keys -- like you would pull in a >> keydump to bootstrap a server -- is 4.38 GB > > Thanks. I think I might have to play around with installing a local > server. I don't have a big enough link to run a public server, but > running a local one would probably serve as an interesting exercise. I think that's my problem with sks.keyservers.net, getting too many timeouts. Have to beat on AT&T *again* > > Is the source on the sks-servers.net site or should I be looking > elsewhere? Originally @ https://savannah.nongnu.org/projects/sks/ Currently at Google™ Code: http://code.google.com/p/sks-keyserver/ Current release: http://code.google.com/p/sks-keyserver/downloads/detail?name=sks-1.1.1.tgz&can=2&q= trunk: hg clone https://sks-keyserver.googlecode.com/hg/ sks-keyserver my branch: hg clone https://johnclizbe-sks-keyserver.googlecode.com/hg/ johnclizbe-sks-keyserver You need Berkeley DB >= 4.6 and ocaml >= 3.11.0 I've built on Linux, Mac OS (MacPorts), and Solaris (Blastwave) -- John P. Clizbe Inet: John (a) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: For Windows
On 13/03/11 7:24 AM, MFPA wrote: > > Or simply use pgp-inline so that the disclaimer comes after the > signature. Yes, this is a fine example of why in-line still has a place in the world. Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 12/03/11 6:26 PM, John Clizbe wrote: > > That's the SKS implementation of the key database. On top of the > keys, there are several other tables. Within each table there is > also empty space, most commonly space left at the end of a page. > > The present size of just the raw keys -- like you would pull in a > keydump to bootstrap a server -- is 4.38 GB Thanks. I think I might have to play around with installing a local server. I don't have a big enough link to run a public server, but running a local one would probably serve as an interesting exercise. Is the source on the sks-servers.net site or should I be looking elsewhere? Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 13/03/11 6:37 AM, MFPA wrote: > > Whatever you do with user IDs is optional, since they are just a > free-text field. And of course a user wanting to make their key > match more searches could include extra UIDs with additional > hashes. For example John Smith could > include hashes of example.com and of john.smith. In any event, > including the information in hashed form should make the key more > likely to be found than if the info were not there at all. I think you're assuming a level of innate understanding of what can be done with every part of a UID by every user when they create a key. This is most definitely not the case. > If there was a point there other than curiosity value, it went way > over my head. (-: That was an example. The point was being able to determine, to some extent, the degree of OpenPGP use in Australian politics and the civil service. In the case of that minister, I knew the rest of his party used it because I know they were using a corporate version of PGP in 2000 or 2001. The two major parties over here have always had some interesting interactions online (ever since a scandal involving a staffer of one providing information to "hack" the website of the other in 1998). Currently I can run "gpg --search-keys aph.gov.au" and get the keys for everyone who has one in Parliament House (most of them are civil servants, only two or three are politicians). With hashed UIDs, unless the person generating the hash specifies additional hashes to be included then that will cease to work. As much as I find your idea interesting, I think I'd rather have the ability to search on sections of a UID. If I ever want to be contacted in a way that is separate from my name, then I'll just go to the effort of creating a new key with a pseudonym and relevant mail drop. If your hashed UID were an optional feature that were not enabled by default, I doubt I would object, but I think the current use of UIDs has value that I would not want to see superceded by the hashed version. Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 3/12/2011 7:41 PM, Hauke Laging wrote: > No. You just control who can make the next step: Mapping keys to UIDs. Yes. Like I said, you want an ORCON system. If you control how people can use data, then you've entered ORCON. As soon as you invent an ORCON system, I would love to revisit this conversation. I am not being in the slightest bit facetious: I think ORCON systems are difficult theoretical and practical challenges and I'd love to see a successful system fielded. It's just that, as currently drafted, this isn't it. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
Am Freitag 11 März 2011 14:54:57 schrieb Robert J. Hansen: > On 3/10/2011 3:09 PM, Hauke Laging wrote: > > That's the technical situation today. But it is no use to announce > > that to the whole world. > > (Did you mean "not necessary" instead of "no use"?) I meant "not useful". > It is useful to quite a lot of people. Look at how many people map out > webs of trust for entirely innocent purposes. As MFPA mentioned: This would not prevent mapping. It would (if noone fails) help limiting the access to the identities in the map to those who are supposed to be able to do that by the decision of the respective identity owner. > How do you propose determining who really needs those signatures for > validation purposes and who doesn't? And once you've made that > determination, how do you enforce it? The access to signatures is not limited. Everyone decides himself which ones he needs. But the owner of the identity decides whom it is revealed to. > "I'll make the certification, but I get to > control who gets to learn about the certification." No. You just control who can make the next step: Mapping keys to UIDs. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 03/12/2011 15:06, Robert J. Hansen wrote: This scheme offers the illusion of security instead of actual security: and I feel selling people an illusion is a deeply corrupt act. +1 I'm hoping that this discussion is going to draw to a close soon, having already lived through it and drawn roughly the same conclusions on PGPNET. Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: For Windows
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hi Jonathan, > I can not find an executable for 2.0.17 for Windows http://gpg4win.org/download.html , but later you wrote that you installed (and uninstalled) it already. In fact, gpg4win 2.1.0-rc2 comes with GnuPG 2.0.17. The 2.x series MUST use gpg-agent and gpg-agent DOES use a graphical pinentry. Depending on how you install gpg4win, GTK or Qt pinentry is used. They have slightly different behavior concerning focus. If you did a default install, then Qt is installed. If you install JUST GnuPG and disable all other packages (documentation doesn't hurt), then GTK is used. > I do not know how to configure the GPG-agent It does not need to be set up but you may tweak it by creating gpg-agent.conf in the GnuPG home directory and maybe add a line with "default-cache-ttl 86400". But it uses pinentry GUI and that dialog is even problematic for non-blind since it is sometimes hidden behind other windows. Mind that if you use GnuPG 2.x (requiring gpg-agent), then you must also set Enigmail to use it (in EXPERT OpenPGP preferences -> Advanced -> "Use gpg-agent for passphrases". > Everything must be 100% keyboard accessible. Then GnuPG 2.x may not be for you. Are there features the 1.4 series doesn't provide that you really need (such as different passphrases for multiple keys) because Eningmail doesn't provide for that? If not: 1.4 is still up-tp-date and will be for long ... Olav -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJNesJYAAoJEKGX32tq4e9WuHgL/iZdbSD10jeWuSTjFybbcfsY xI0DvXRw7Cu/verZdGMXwoGc0isE9y9XOzS1ZvYklwbbX64hdjL/3Rnb6khtrRmq iW8a42VcO2AQxUXS3OKVIGaFtH0aiuV/DOf42FnoujCwTdLPQJkBMbuGUNCN2Nio VJTb7wIhuJ/qL8zqQWG57PpPs10398BNfbYZHPxnK7O9zL4esQkJMNEK4ZL9Ha1U yUicJ3AUXE4/mS9WsyqAmtIGJkF6Xgs2iFZsUY2HDmQUz+cPPdeYBalArMoy0F+C V1ZV29j673KEXARI8p+p+QcXrBWAkgOAvJ8boARKxhGqNws6GhgW9+AuoR9fNbzi qKMdf5vTjCIyd9m2bIwFqSWBQ0Nm+wnMUslsL+oIcETe01dsqB+3kExBgytJEqzx QWnnv5iOv60qU30kWPdsK3RMUpJCpKBSWh3lCUlbLPgShHRGL6A7hdOZaOArJ/76 rcBc6cjwFblPAgiJVp3IrWA8phXL4g2Cad8K49OdAA== =06F1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
Am Sonntag 13 März 2011 00:06:14 schrieb Robert J. Hansen: > I mean, really, is that what you want to sell? Or should this be taken > as a, "the idea of blinded UIDs is a good one, but this idea is > inadequate and should be taken back to the drawing board"? Your arguing pretends that somebody is to be fooled. That is not the case. Nothing prevents gnupg (and I even suggested to do that) from warning that this feature seems to just be used for an email address which is does not make sense to be used with (for the reason you explained very convincingly). When offering this feature it should be clearly said that it not worth much for most existing addresses. It isn't, too, for new addresses which are simple. As a user you should decide to take both or none: a safe email address and a safe UID or a normal address and a normal UID. This would not be snake oil. But a tool that requires certain knowledge and awareness. Just as today's gnupg itself. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 3/12/2011 5:25 PM, MFPA wrote: > A desire to not publish my email addresses (but still have somebody > who knows any of my addresses find my key on a server) does not equate > to an assumption that somebody wants to harvest email addresses from > servers. Yes, it does. If nobody's looking for people's email addresses, then there's no need to not publish email addresses. And if there's a need to not publish email addresses, that's because somebody's looking for them. > Is not about providing complete confidentiality, anonymity or > security. Instead of leaving a document open on the desk, this scheme > is more akin to putting it in the drawer or cupboard than it is to > putting it in the safe. Not secure but good enough in many > circumstances. It is not good enough right now to prevent an even moderately skilled attacker from recovering email addresses. A work factor of 10 billion means I write a Perl script, let my iMac work for a week, and fill up a $100 hard drive. This scheme offers the illusion of security instead of actual security: and I feel selling people an illusion is a deeply corrupt act. "If we use this blinding scheme it will look like it works but in reality anyone who wants to map out the Web of Trust will probably just be delayed for a week and the majority of users will think they're secure." I mean, really, is that what you want to sell? Or should this be taken as a, "the idea of blinded UIDs is a good one, but this idea is inadequate and should be taken back to the drawing board"? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 12 March 2011 at 8:24:34 PM, in , Robert J. Hansen wrote: > On 3/12/2011 3:10 PM, MFPA wrote: >> After generating the list of possible email addresses, why would a >> spammer generate the hashes and search for keys instead of simply >> blasting out messages to the whole lot? > Beats me. You're the one who's assuming someone wants > to harvest email addresses. A desire to not publish my email addresses (but still have somebody who knows any of my addresses find my key on a server) does not equate to an assumption that somebody wants to harvest email addresses from servers. If such an assumption was stated it wasn't by me. (-: > Imagining a spammer behind > it is just part of a thought exercise. Fair enough. It just seemed difficult to imagine what would be the return on their effort. > Focus on the > real issue -- that this scheme you're proposing is not > secure against an even mildly motivated attacker -- not > who the prospective attacker is. Fair enough, I underestimated quite how easy a brute force attack could be. Longer email addresses at less-obvious domain names makes it just that little bit harder but that is not really the point, IMHO. Since anybody can add a certification to the key saying whatever they choose, somebody else could make public one or more of the hashed email addresses or identities. No major problem, just add a new one. Is not about providing complete confidentiality, anonymity or security. Instead of leaving a document open on the desk, this scheme is more akin to putting it in the drawer or cupboard than it is to putting it in the safe. Not secure but good enough in many circumstances. - -- Best regards MFPAmailto:expires2...@ymail.com You can't build a reputation on what you are going to do -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe/L5nhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pYCwD/3iq j/lM7ACgiteMKjkncvhLTnrNv2yJg+ybKd1fqz+K9oTkT/UG/aoiNGLQZOmHDs1y HtjfrqcdUQVael3uhj5zl1KrYpXWmDjTBFpQHEspxpqmXY2529WqOrvDqyHdvUMg qFeWHDI8hbCXGi4+gY/md9JzOfymLo0LNcPBV8eB =m7VY -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Computer tools and Human Intelligence
Authentication "Mechanism" I'm not so sure about this. Public Key Signatures are tools which enable us to test identities against our known references. The Important Things are that we see to the validity of those Known References and that we effect Due Diligence in running the tests when appropriate. The PGP signatures provide the tools for this; I think human intelligence will always be needed. although automation would be very desirable when procedures have been established,-- such as in connecting with a service using SSL or TLS. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
validating signatures
I think one of the things that is generally missed in the public internet environment is the need to validate signatures this would apply to x.509 certificates but working with PGP or GnuPG is a very good way to learn about digital signatures and I try to encourage my computer friends to do this a thread on Internet Evolution by Jart Armin gets into this a little, digressing into some discussion of man in the middle attacks and session hijacking stuff that should not be happening. I suspect it may be related to obsolete software such as old versions of Windows and/or IE. State of the Art browsers should be sandboxing each web page as a separate application program so that one webpage can't snoop on or modify another -- even though they are running under one browser. Given that you are preventing unauthorized modifications to your system -- and that you are running a State of the Art Browser -- it should be pretty tough for a MITM attack to get into one of your sessions. in validating a key though there are two ways to do it: one you have received the key directly from the owner by a secure means; or two: you have received the key with an authenticating signature attached. that authenticating signature is what Certificate authorities are for. now if the key you are looking at has two or more authenticating signatures you may only need one signature to satisfy yourself that that key is valid before you sign it and assign a trust level. do you need to recognize all the signatures? I'd say that's strictly up to you. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 12 March 2011 at 8:22:06 PM, in , Robert J. Hansen wrote: > On 3/12/2011 1:05 PM, MFPA wrote: >> How does the WoT idea require me to know the names or email addresses >> associated with the keys in the trust path? The text strings in User >> IDs do not feature in the trust calculation. > Yes, in fact, they do. > In my past, there's an ex-CEO whom I'll just call > "Ben." Ben made some really astonishingly bad > decisions that put him in prison for eighteen months, > and left me with a permanent distrust for him. If I > see Frank has signed Ben's certificate, and I trust > Frank, am I going to trust Ben? > Of course not. Presumably GnuPG factors this into the trust calculations by virtue of the trust level you have assigned to Ben's key, not by parsing his User IDs. > Trust is not transitive. If A trusts B and B trusts C, > there is no requirement that A trusts C. In real life, true. But what about the GnuPG default of trusting a key that carries certifications from 1 fully trusted or 3 marginally trusted keys. Unless you manually inspect each trust path, how would you spot unknown keys from past real-life associates you distrusted? > In fact, if > it turns out A knows C, transitivity can break > completely. Indeed, if you know that a certificate belongs to somebody you actually know, trust *calculations* are irrelevant. Of course you might trust somebody's security procedures and keysigning policy but wish to keep your valuables or your wife well away from him. - -- Best regards MFPAmailto:expires2...@ymail.com A picture is a poem without words -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe+REnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5piV8EAKTN tjx4dkO4XZWWjW/IW+rt39i3YKVsrXcEhpyiH/Gc9RdOMxXaKd+SUkSCDRSAqd0d wl4WFhGQpbR42kAYbMliDAnbKZpxuydlZMbL/MAx2ncZYBMAjQd6RP5FOx/W4NPh 8zeALI92omNd4QGtMLql6bZjKi9waDyV/sjReiCV =slFP -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 12 March 2011 at 8:14:34 PM, in , Robert J. Hansen wrote: > Product liability is civil, not criminal. OK, balance of probabilities rather than beyond reasonable doubt. > Regardless, > it doesn't matter: for all that judges tell juries > "your job is to determine the truth of the accusation," > a jury's natural instinct is going to be to find a > responsible party. Fair enough, you know more about this than I do. I would expect their natural instinct to be doing the job they were charged with, as quickly as possible so that they could get back to their own lives. - -- Best regards MFPAmailto:expires2...@ymail.com There is no job so simple that it cannot be done wrong -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe9nqnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p2C8EAIrM de47xF1hdJU7EzxaUeZVibVy06f9mNRiaXs/8vw5wIhgGSHOsxvEgU5qMyGoPOQq YOeKUcbFYTlxfYa7OCbLtIl1mKV007Hdyn9FaLXF6tdXKiyRLK6kx+e2NudB+64z Pyd+1Md/AllA4SeAVTXNs4vhuns3vnIsOtX5zTYP =CDp/ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: For Windows
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 12 March 2011 at 11:29:34 AM, in , Remco Rijnders wrote: > And as a further side note... the GPG-signature failed > to validate, most likely due to the legalise bla-bla > signature being inserted in the message. I suppose > that disabling that signature might be out of the > original senders control, but since they used a gmail > account, perhaps they should post through gmail instead > of using whatever server that inserts the legal > disclaimer. Or simply use pgp-inline so that the disclaimer comes after the signature. - -- Best regards MFPAmailto:expires2...@ymail.com I would like to help you out. Which way did you come in? -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe9aMnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p2wkD/30N 8nxFAtjiZBaqTPTsHJgmlWjLHAB7OgGck/OKV6h0YiKa7NtW6EFWsnexxze/kQa8 fPxKIPjfXg8CRgcwYAP5k0IF5tnURn7lUO1QN5MyE0rOHhC35t+i1vfq3rtyZ9jQ XPBUmp6Oy+YKSFNGJZyYgibuQK/S0+nW0ji+vzXU =MLhe -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 3/12/2011 3:10 PM, MFPA wrote: > After generating the list of possible email addresses, why would a > spammer generate the hashes and search for keys instead of simply > blasting out messages to the whole lot? Beats me. You're the one who's assuming someone wants to harvest email addresses. Imagining a spammer behind it is just part of a thought exercise. Focus on the real issue -- that this scheme you're proposing is not secure against an even mildly motivated attacker -- not who the prospective attacker is. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 3/12/2011 1:05 PM, MFPA wrote: > How does the WoT idea require me to know the names or email addresses > associated with the keys in the trust path? The text strings in User > IDs do not feature in the trust calculation. Yes, in fact, they do. In my past, there's an ex-CEO whom I'll just call "Ben." Ben made some really astonishingly bad decisions that put him in prison for eighteen months, and left me with a permanent distrust for him. If I see Frank has signed Ben's certificate, and I trust Frank, am I going to trust Ben? Of course not. Trust is not transitive. If A trusts B and B trusts C, there is no requirement that A trusts C. In fact, if it turns out A knows C, transitivity can break completely. > What would not be visible (at least to people who didn't already know > it) is the identity and email address of the certifying key's owner. So far, you haven't produced a mechanism that will do this. We're still at the "it would be nice if..." stage of your idea. Thus, I really can't respond to statements of what this mechanism would or wouldn't do, since we don't have a mechanism to analyze. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Hashed user ID.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 12 March 2011 at 5:46:03 PM, in , Ben McGinnes wrote: > As for the casabranca.gov domain, it doesn't even exist > (no DNS records). Probably a Chinaman trying to say "Casablanca"... - -- Best regards MFPAmailto:expires2...@ymail.com Always borrow money from a pessimist - they don't expect it back -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe9TRnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p948D+wYi bde8BCtTsVe90OKtiZnlxr6pl8ynTyjJP88pnFW0Bs+zGYY4px13f6lTQdyUY87h 7W36qX9b/SQB9lV06N0BqxKC2vVSBcQmJHAe7J0rBzErsf47iNkm7NEYJrUrqmhp ZN6RWXWUM1NhoNs//KTwNAw6sxMYMAeh2qKtFQty =lEv1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
On 3/12/2011 11:55 AM, MFPA wrote: > Determining whether it has been proven beyond reasonable doubt that > the defendant is guilty as charged has nothing to do with the > apportionment of blame. Product liability is civil, not criminal. Regardless, it doesn't matter: for all that judges tell juries "your job is to determine the truth of the accusation," a jury's natural instinct is going to be to find a responsible party. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 9 March 2011 at 1:39:35 PM, in
, Robert J. Hansen wrote:
> 3. Deploying this scheme means:
> (a) people can no longer do fuzzy searches for
> email addresses ("show me all user IDs that
> look like this pattern")
> (b) finding
> people's certificates may be made more
> difficult due to (a)
Certificates with only hashed user IDs would be harder to find than
those that contain the actual name and email address. But easier to
find than those that show spurious information or contain no email
address or name at all.
> 4. My suspicion is the number of users covered by (2)
> is pretty small. My suspicion is the number of users
> impacted by (3) is pretty large. My suspicion is we do
> not have a very good handle on just how difficult we
> need to make things, given the resources available to
> spammers in (1a).
After generating the list of possible email addresses, why would a
spammer generate the hashes and search for keys instead of simply
blasting out messages to the whole lot?
- --
Best regards
MFPAmailto:expires2...@ymail.com
Wisdom is a companion to age; yet age may travel alone.
-BEGIN PGP SIGNATURE-
iQE7BAEBCgClBQJNe9McnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pEYMD/3Q/
Qt8LnJvVjv4Bb88jeiMBFxETBKcfkeJsY5u+dICB9lS7JmKzGoR6gzTod/mZdTMV
9+NuLrlDXcOxQfRZTdd38z6YIf6nBgmRSvAxzG7DH/WCxGVoQkChNV13+pY/rf6c
BBFW2gf/DruOyWHh6jN3IV8YDjdM1p1+0NUAgu71
=3R5z
-END PGP SIGNATURE-
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 10 March 2011 at 2:58:32 AM, in , Ben McGinnes wrote: > I have. Many, many times. There's no point doing it > for a free email service provider's domain (e.g. > gmail.com), but sometimes there are advantages in > checking for keys belonging to people at particular > organisations (e.g. government departments). This is > one of the reasons why I'd prefer MFPA's suggestion, > were it ever implemented, to be optional rather than > the default. Whatever you do with user IDs is optional, since they are just a free-text field. And of course a user wanting to make their key match more searches could include extra UIDs with additional hashes. For example John Smith could include hashes of example.com and of john.smith. In any event, including the information in hashed form should make the key more likely to be found than if the info were not there at all. > If that feature weren't available, I doubt I would've > found this: > pub 1024D/B3F77236 2000-09-21 uid > Stephen Smith sub > 2048g/0E0EEE5F 2000-09-21 > Stephen Smith was in Opposition when he made that key, > but now he's Minister of Defence. If there was a point there other than curiosity value, it went way over my head. (-: - -- Best regards MFPAmailto:expires2...@ymail.com COMMITTEE: A body that keeps minutes and wastes hours. -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe8uEnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pbxAEAIAh 17OwkWRD6Y72jkJY3RQxub8ycj2buFKS6F7uTrRKad3yaLbPv7Pmh8NKWs42YZa+ jOflm3L53gAD7slSvSWwE2pzeorIZU/Gz0MWdxXSyJUTTykwZHPzvKMwtPL0nQcJ u76y9Q821KbUfiA2gGVTZQjt7wusRF7NEZK29Bot =QdF0 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 9 March 2011 at 1:46:53 PM, in , Hauke Laging wrote: >If you want to validate a key by its signatures > and see a signature of an unknown key then there is > (IMHO) no reason why you should know who has certified > this key. This information can easily be abused. Information that has no use to you in the task in hand is just "noise." If it is information about me for which you have no legitimate use, I would rather it were not at your disposal in case of possible nefarious use. - -- Best regards MFPAmailto:expires2...@ymail.com Keep them dry and don't feed them after midnight -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe8LqnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pOl4D/jx2 3yMqLREYequSYhS5lOMyF+i7ItZADI2k74Cj6IzOowSQqrEk2G6wX8xmwI8vBVTP 3VK41B/haudCg9L7B0pQI1YYT2Fjlyb8by1DiN8UOPpq4KJJEt+wvs+oMtq1DmYW w6gJIphvNKu1ZTifXfBZmBsNc4CvCVTe4jLcH4XU =P5Kp -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Hashed user ID.
On 12/03/11 11:56 PM, Charly Avital wrote: > Hi, > > from Terminal, from two different keyservers: > > (1) Barack Hussein Obama (PoC) > 1024 bit DSA key 76F5FE21, created: 2010-04-07 > (2) Barack Hussein Obama (DOD) > 1024 bit DSA key 0B72EB0F, created: 2009-04-27 They're all fake. Currently there are two dozen keys for presid...@whitehouse.gov, of which my favourite is 0x5F3FDC7E. Using any of these keys will just result in sending encrypted email to the whitehouse that they probably already have a filter to discard. As for the casabranca.gov domain, it doesn't even exist (no DNS records). Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 10 March 2011 at 1:34:13 PM, in , Robert J. Hansen wrote: > A public certification is intended as an > announcement to the world: "Hey, world! I am [name] > and I vouch for this certificate!" Which most people will hear as "Hey, world! I am somebody you don't know and I vouch for this certificate!" > If people want to make public pronouncements of social > relationship, why in the world would you want to deploy > a technology that makes it difficult to discover this > social relationship? I don't think anything has been suggested here that would make it difficult to discover the social relationship. Just a means to make the public pronouncement without publicly stating your identity. And to do so in such a way that people who already know your identity can tell it is you that made the pronouncement. - -- Best regards MFPAmailto:expires2...@ymail.com Only dead fish go with the flow -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe73lnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pWrED/jE7 3QaDWRXhk5W5X8/cPvJ0bR8BqceuEND5Cpy+SqrtWO2TxnSH2KxYRiqRm8lr5yuk CMPEvmugRdacynVzg7Smr33H01oSfl/Zi+tPjpMzDsYiKMnMKHwt3WkncqKNvgdW kvbPqU5IJgUVBH5HRad+4YeDUwN1gLa2YVZkfj0Q =gKTd -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 11 March 2011 at 1:54:57 PM, in , Robert J. Hansen wrote: > It is useful to quite a lot of people. Look at how > many people map out webs of trust for entirely innocent > purposes. In fact, mapping out webs of trust is > necessary for the WoT idea to even work. "Well, I've > signed Frank's key and I see that Frank's signed > Gianna's key, and I trust Frank so..." The WoT can be mapped with or without names. In your example, how is your trust enhanced by knowing Gianna's name? "I signed Frank's key and I see that Frank's signed a key that has user ID '7b7581fe6670a6a4a29b2fd46eaf5ac34a6a86d134fe8931729e66970b707349 <466ffe71badce782db1808ee80bd01dabf0d95e4a3b8ccbbe5fcdc68b86c2bb9>', and I trust Frank so..." How does the WoT idea require me to know the names or email addresses associated with the keys in the trust path? The text strings in User IDs do not feature in the trust calculation. >> It's perfectly OK for me that you can see that I have >> signed Ben's key but why should others know that? > Because this is not an ORCON system. The system is > built around public certifications and private > certifications. You're talking about introducing an > entirely new method, something which seems basically > like an ORCON certification: "I'll make the > certification, but I get to control who gets to learn > about the certification." That one sentence quoted in isolation from Hauke could be construed in that way. But take into account the context and it becomes clear that he was saying no such thing. A certification made by a key that had hashed user IDs would be just as visible as any other certification. What would not be visible (at least to people who didn't already know it) is the identity and email address of the certifying key's owner. - -- Best regards MFPAmailto:expires2...@ymail.com A nod is as good as a wink to a blind bat! -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe7X4nhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pGoQD/jR0 q47WKypv3KVj2prv09mYxLKbYakIPSR4wF57LoEMOg0J3WpD6ceGURsWJX8lovDv ii4VHB3jcGWgupYa0EzsOYGxZviHVWi+TNgblNHEcsUH4+ucIHqoh6nRoyWrOUGD 2C/ojDYkipYM+ISTWq9cSgHv+hiV1EgY8HlOPKf2 =aYPX -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 10 March 2011 at 1:18:36 PM, in , Robert J. Hansen wrote: > Remember that a jury trial is often not so much about > the law as it is about blame: if something bad happens > the jury wants to be able to point at someone and say, > "that person is responsible." Determining whether it has been proven beyond reasonable doubt that the defendant is guilty as charged has nothing to do with the apportionment of blame. - -- Best regards MFPAmailto:expires2...@ymail.com The best way to destroy your enemy is to make him your friend. -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNe6WenhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pRfMD/iw2 OXYwUxfEbX1kBJanilJCHCJywTXapANwqeM3IoToOS2vq5Z/n9YRlGLjMjmUS7W4 rrQsG1wlGKpTIOTLtb9B9CsheVirEE+kX5b2zEG0ZdVkQG536t0nvUpCo+3pfOvo f2bUAzLr+p+XNCIW66ev/B8iITGV2l6/4Xxf1HmL =GJI3 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hashed user ID.
Hi, from Terminal, from two different keyservers: (1) Barack Hussein Obama (PoC) 1024 bit DSA key 76F5FE21, created: 2010-04-07 (2) Barack Hussein Obama (DOD) 1024 bit DSA key 0B72EB0F, created: 2009-04-27 presidente can be Portuguese, Brazilian or Spanish casabranca is both Portuguese and Brazilian "PoC" no less that 94 acronyms can be Googled. I don't know whether PoC stands for some Portuguese or Brazilian function. DOD, Department of Defense? Phishing? Charly I didn't actually download the keys, so I don't know what's in them. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: For Windows
On Fri, Mar 11, 2011 at 04:56:11PM -0700, Aaron Toponce wrote: On a side note, you may wish to re-evaluate your email signature. Confidentiality notices are usually annoying to most recipients, especially on mailing lists, where the email is publicly accessible on the Internet for all to see. And as a further side note... the GPG-signature failed to validate, most likely due to the legalise bla-bla signature being inserted in the message. I suppose that disabling that signature might be out of the original senders control, but since they used a gmail account, perhaps they should post through gmail instead of using whatever server that inserts the legal disclaimer. Remco signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
