Re: Call me crazy, but ...

2021-07-14 Thread Viktor via Gnupg-users
It's the same as putting any other public information in public key 
certificate. You can put first and last name, email address and even 
photo of another person.


In general: unless we have another trusted person to verify that a public 
key belongs to a certain person, we can not ensure the key owner's identity 
before we have some transactions signed with this key.


And we should not only trust the person who has verified the public key 
certificate, we should also know and trust the procedure this person 
used to verify it. And this is very important if there is a dispute, 
say about a signed contract.


This was the flaw in pgp's web of trust: verification procedures were 
not known.


Best regards,
Viktor Ageyev
CEO, Cryptonomica.net


On 14/07/2021 15:45, Стефан Васильев via Gnupg-users wrote:
> if a person, within the EU, would put his COVID vaccination certificate
> QR-Code in his pub-key as photo-ID I would say that then another GnuPG
> user, within the EU, or maybe later in the U.S. and elsewhere too, would
> have the assurance, without the public key being otherwise signed, that
> this pub key belongs to that person.
>
> On GitHub is a decoder available, which allows users to verify the
> digital signature of such COVID certs, with trustlists from EU member
> states.
>
> https://github.com/stapelberg/coronaqr
>
> Regards
> Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



Re: OpenPGP key verification + legal framework

2019-06-16 Thread Viktor Ageyev




On 10/11/2018 13:40, MFPA wrote:

> Many people would not be prepared to do this because Google now
> demands a phone number in their sign-up process. Nobody needs a phone
> number in order to provide an email account, it is just an additional
> piece of personal information for Google to abuse.


We also require a phone number check to verify user identity.
If you want to stay anonymous, you can not verify your identity.


>> It doesn't seem to me that every internet site should have its own
>> separate login-password system, in most cases it is better to use the
>> existing secure solution.


> Too many eggs, too few baskets. Crack the user's login on one site and
> you've cracked it on all.


Most logins are connected to email. Crack the email, and you've got them all.
What is the difference if you use the same login as for email?

Best regards,
Viktor Ageyev



Re: OpenPGP key verification + legal framework

2018-11-07 Thread Viktor




On 06/11/2018 20:33, Dirk Gottschalk wrote:

> In the EU the use of "qualified" signature is mandatory if it comes to
> legal issues. Between private companies it is okay to just use OpenPGP,
> but, if it comes to legal issues, one party could deny the validity of
> the signature because it is not accepted as a legal signature format,
> at least in Germany.


According to EU regulation (https://en.wikipedia.org/wiki/EIDAS) 
signatures made by keys verified on Cryptonomica can be considered as 
'advanced electronic signature (AdES)' 
(https://en.wikipedia.org/wiki/Advanced_electronic_signature), but not 
as 'qualified electronic signature' 
(https://en.wikipedia.org/wiki/Qualified_electronic_signature)


AdES is still a legal way to sign documents and contracts. Following 
Article 25 of the eIDAS regulation an advanced electronic signature 
shall "not be denied legal effect and admissibility as evidence in legal 
proceedings solely on the grounds that it is in an electronic form or 
that it does not meet the requirements for qualified electronic signatures".


But we have an ultimate solution that can be used regardless of local 
laws. You can put an arbitration clause in the contract, like this:


"Any dispute, controversy or claim arising out of or relating to this 
agreement, or the breach, termination or invalidity thereof, shall be 
settled by arbitration in accordance with the Cryptonomica Arbitration 
Rules ( 
https://github.com/Cryptonomica/arbitration-rules/blob/master/Arbitration_Rules/IACC/IACC-Arbitration-Rules.EN.signed.md 
) in the version in effect at the time of the filing of the claim.

And unless the parties agree otherwise in writing:
The place of arbitration shall be: London, United Kingdom.
The language to be used in the arbitral proceedings shall be: English.
The number of arbitrators shall be: one.
The arbitral tribunal shall decide ex aequo et bono"

Where 'ex aequo et bono' means that the arbitrators will dispense with 
consideration of the law and consider solely what they consider to be 
fair and equitable in the case at hand. And yes, the arbitration award 
('judgment') will be recognizable and enforceable in almost any country 
according to the Convention on the Recognition and Enforcement of Foreign 
Arbitral Awards ( 
http://www.uncitral.org/uncitral/en/uncitral_texts/arbitration/NYConvention.html 
)


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net



Re: OpenPGP key verification + legal framework

2018-11-07 Thread Viktor




On 06/11/2018 0:42, ved...@nym.hush.com wrote:

> But suppose I want to use my existing key that I made over 10 years ago,
> and it is known and trusted by the people I deal with, but it happens to have
> more than 1 e-mail ID
> (not rare to switch an e-mail account in 10 years)
> Does this mean that it cannot be used in your system,
> even if you can get the preferred email to register in google, and you have
> passport personal verification,
> just because there is another ID attached?


We can not verify all email addresses in your public key certificate as 
yours, just because we have verified your 'preferred email'.


I would suggest:

1) Remove all other user IDs except the one with preferred email, as 
described on: 
https://crypto.stackexchange.com/questions/9403/how-can-i-remove-my-personal-data-from-my-pgp-public-key 


2) change validity term of your public key certificate to 1 or 2 years.

Then you can upload your public key certificate to Cryptonomica and 
verify it. The fingerprint (and your private key) will stay the same.


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net




Re: OpenPGP key verification + legal framework

2018-11-05 Thread Viktor


On 05/11/2018 21:50, Wiktor Kwapisiewicz wrote:

> Have you considered an alternative approach to email verification? For
> example just sending an e-mail (probably encrypted) with a one-time
> verification link?


Yes, we considered this option. But we can not be sure that the user uses 
a secure email system and that this link can not be read by somebody else.


For now, using Google’s login system seems to be the most reliable and 
secure solution. Our backend works on Google App Engine, and thus we 
don’t have our own login-password system and, accordingly, it is 
impossible to crack it unless you hack Google. Yes, of course Google can 
find out the public certificates associated with Google accounts, but 
any other user in our system can do this.


> That way non-Google users wouldn't be excluded. (Actually this approach
> would work for Google and non-Google users alike).

You can register a Google account with any email address. Simply, 
instead of creating an account on our service (another password that 
needs to be saved), you create an account on Google, or use an existing one.


It doesn't seem to me that every internet site should have its own 
separate login-password system, in most cases it is better to use the 
existing secure solution.


> Sending an encrypted e-mail additionally verifies that the user controls
> the key in question.

But you can easily send an email with any address in the 'From' field.
It does not mean you really control this email address.


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net



Re: OpenPGP key verification + legal framework

2018-11-05 Thread Viktor




On 05/11/2018 21:12, Juergen Bruckner wrote:

> If I want an "independent" ID verification on my GPG key, I can also use
> CAcert. There the signing of GPG keys is offered for a long time.


Signing is easy. The difficult part is 1) to create a system in which 
you can prove that the key really belongs to the user specified in the 
userID 2) to make contracts signed by a verified key legally recognizable 
and enforceable.

We are working on 1) and 2)

For 1) I mean the case when a user has signed a document or contract, and 
after that this user claims that the signature was not made by his key.
In such a case, I think signing keys at a 'key signing party' is not 
reliable. There must be a known key verification procedure, and a 
permanent repository of information and documents that were used to 
verify the key.


And we actually do not sign keys, for two reasons:
a. If you automatically trust the signing key, compromising the signing 
key breaks the entire system.
b. In many countries, generating or signing cryptographic keys requires 
a license. We create a system that should work the same way and legally 
in all countries. And we do not sign key certificates. We only attach to 
them information about the owner of the key, which the user manually 
checks before adding this certificate to his list of trusted certificates.


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net




> best regards
> Juergen
>
> On 05.11.18 at 18:03, Damien Goutte-Gattat via Gnupg-users wrote:
>> Hi,
>>
>> On Mon, Nov 05, 2018 at 05:13:41PM +0100, Juergen Bruckner wrote:
>>> I just tried to register with a key who has several user-ID's
>>> (e-mail-adresses) and I always got the error that the user-ID is not the
>>> same as in log-in/registered e-mail.
>>
>> From what they say on the home page [1] this is expected: your key is
>> supposed to have only one user ID whose email component must match
>> the email address of your Google account...
>>
>> ... which, by the way, is a big "no" for me. :/
>>
>> Damien
>>
>> [1] https://cryptonomica.net/#!/
>>
>>> To become member of Cryptonomica:
>>> [...]
>>> Public PGP Key should have one user ID with first name, last
>>> name and user e-mail. E-mail in the key should be the same as in
>>> Google account, that you use to login to Cryptonomica server.



Re: OpenPGP key verification + legal framework

2018-11-05 Thread Viktor




On 05/11/2018 19:03, Damien Goutte-Gattat via Gnupg-users wrote:

> From what they say on the home page [1] this is expected: your key is
> supposed to have only one user ID whose email component must match
> the email address of your Google account...
>
> ... which, by the way, is a big "no" for me. :/


Because of Google or because of "only one user ID" ?

Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net



Re: OpenPGP key verification + legal framework

2018-11-05 Thread Viktor



On 05/11/2018 18:13, Juergen Bruckner wrote:

> I just tried to register with a key who has several user-ID's
> (e-mail-adresses) and I always got the error that the user-ID is not the
> same as in log-in/registered e-mail.


We use the rule that the userID should contain the user's first and last 
name exactly as in the passport, and only one email, the same as used for login.

So we can verify it's really your email.


> And yes, to see the list of Notaries before registration would be very good.


Actually, we are going to make notary verification optional after online 
verification. Online verification works for everyone, but building a 
network of notaries takes time.


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net




> regards
> Juergen
>
> On 05.11.18 at 17:01, Wiktor Kwapisiewicz via Gnupg-users wrote:
>> On 05.11.2018 15:21, Viktor wrote:
>>> Dear All,
>>>
>>> (...)
>>>
>>> I would be very interested to hear feedback, criticism and suggestions
>>> on our project. And also to establish contacts with people interested in
>>> cooperation.
>>
>> Looks interesting.
>>
>> But the language on the registration dialog [0] seems a little bit
>> unsettling:
>>
>>> user personal data provided for key verification stored for forever
>>> and can not be deleted or removed by user's request.
>>
>> Maybe it would also be a good idea to provide a list of locations of
>> Notaries before registration. I'd like to see if there is one nearby, if
>> not, there is not much benefit for me to register (at least now).
>>
>> Kind regards,
>> Wiktor
>>
>> [0]: https://cryptonomica.net/#!/registration






Re: OpenPGP key verification + legal framework

2018-11-05 Thread Viktor



On 05/11/2018 18:01, Wiktor Kwapisiewicz wrote:

> user personal data provided for key verification stored for forever
> and can not be deleted or removed by user's request.


Yes, that's the point.
If my counterparty has signed some contract or document, he/she should 
not be able to delete his/her public key certificate and the data used for 
its verification.

So in case of a dispute I can prove that he/she really signed the document.
This is exactly the part that is difficult to ensure, especially given 
the new European legislation (GDPR). We needed to develop a 
justification for this. We have registered with the U.K. Information 
Commissioner's Office (https://ico.org.uk), hired a certified Data 
Protection Officer, etc.



> Maybe it would also be a good idea to provide a list of locations of
> Notaries before registration. I'd like to see if there is one nearby, if
> not, there is not much benefit for me to register (at least now).


For now we have connected notaries only in Tel Aviv and Kyiv.

The main verification method is online verification, and we already have 
users with verified keys from 34 countries.



Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net



OpenPGP key verification + legal framework

2018-11-05 Thread Viktor

Dear All,

we create a service for OpenPGP key verification: https://cryptonomica.net

It's open source (https://github.com/Cryptonomica/cryptonomica) and it 
has a legal part (see: 
https://github.com/Cryptonomica/cryptonomica/wiki/Cryptonomica-White-Paper 
) aimed at creating an international system of legally recognized and 
enforceable contracts based on OpenPGP.


I would be very interested to hear feedback, criticism and suggestions 
on our project. And also to establish contacts with people interested in 
cooperation.


Best regards,
Viktor Ageyev
CEO/CTO, Cryptonomica.net



Re: Top-posting

2016-04-29 Thread Viktor Dick
On 2016-04-29 06:54, Paul R. Ramer wrote:
> Personally, I would rather not have to hit the "Page Down" button
> *every* time I wrote an email (provided I have full-size keyboard).  If
> you are always varying from the defaults in a consistent way, then the
> defaults need to be different.  Besides, think of the cumulative time
> wasted scrolling or paging down for every you write email. ;-) [1]

In Thunderbird, you can set "start my reply below the quote". You still
need to remove everything from the reply that you are not directly
responding to.





Re: where is gnupg configure file

2016-03-31 Thread Viktor Dick
Are you sure that you are using gpg2? private-keys-v1.d only contains
private keys for gpg2. gpg1 stores them in ~/.gnupg/secring.gpg or
something like that. If enigmail uses gpg2 and you created your key with
gpg1, they will not see the same keys. '--version' is your friend.

IIRC, using the key with gpg2 will import it from gpg1. There was a nice
online FAQ entry or something alike where the process is described, but
I can't find it at the moment.

Regards,
Viktor






Re: EasyGnuPG

2016-03-28 Thread Viktor Dick
On 29.03.2016 05:53, Daniel Villarreal wrote:
>> Depending ... the gnupg 2.x executable is still called 'gpg'. I 
>> guess it depends on if the distributor wants to keep easy backwards
>> compatibility. On archlinux,.. only one gnupg package ... The
>> executable is called gpg...Regards, Viktor

To make my statement more precise, the executable is called gpg2 and
/usr/bin/gpg is a symlink to /usr/bin/gpg2. If one wants to use 1.x, one
needs to install it from the arch user repositories. Archlinux is not
known for emphasizing backwards compatibility.





Re: EasyGnuPG

2016-03-28 Thread Viktor Dick
On 28.03.2016 19:16, Daniel Villarreal wrote:
> Should we not strive to use gnupg v2x ? I always try to use gpg2 on
> the command-line, whereas documentation seems to show gpg.
> 
> example...
> Encrypting and decrypting documents
> https://gnupg.org/gph/en/manual.html#AEN111

Depending on the system, the gnupg 2.x executable is still called 'gpg'.
I guess it depends on if the distributor wants to keep easy backwards
compatibility. On archlinux, for example, there is only one gnupg
package and it currently ships 2.1.11. The executable is called gpg. I'd
think all distributions will do that at some point since 2.x is meant to
replace 1.x.


Regards,
Viktor





Re: EasyGnuPG

2016-03-22 Thread Viktor Dick
On 22.03.2016 23:10, Dashamir Hoxha wrote:
> You got this wrong. It does not enforce 1 month expiry. Right after
> creating the key you can change its expiry to 10y, if you wish. But if
> you say nothing, after 1m you will have to renew it (if you still
> remember the passphrase). This is like a safety measure for people who
> are not familiar with gpg.

In this case, I think you have got a point. I think the gnupg default of
'expires: never' is not the best solution, since people who just try it
out might end up with a public key published to keyservers where they
have lost the private key. Of course, this is not different from fake
keys published by third parties, as long as there are no relevant
signatures on it nobody should trust them. But I still think it might be
better to set a default expiry of, let's say, 1 year and two months for
the primary key and one year for the subkeys.

Then there is the problem that the user might not notice that his key is
expired. I remember vaguely spending a day trying to find the error until
I noticed that my subkeys were expired. But this might have been a
problem with Enigmail, which did not give a clear error message.

However, one month is IMHO too short. But maybe I'm not the best judge
since the last time I wrote an encrypted email was multiple months ago
and I only once in my lifetime got an encrypted email except for testing
purposes. Renewing my keys every month (and, which is more difficult
than simply remembering to do so, distributing them between the couple
or so machines where I read email) would be too much of a hassle.

Regards,
Viktor





Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

2016-03-22 Thread Viktor Dick
Thanks, I found it myself but since the sender of a mail to the list
does not get a copy of it, I could not simply reply. If I use
'--list-options show-unusable-subkeys', I see the missing keys, they are
simply expired. Sorry to disrupt.

Regards,
Viktor





more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

2016-03-21 Thread Viktor Dick
Hi,
is there a possibility to list what each of the private keys in
~/.gnupg/private-keys-v1.d is? Some of them I recognize in the listing
of 'gpg --with-keygrip -K', but there are six files in the folder while
only three keygrips are shown by the command (one of which is the master
key and not present in the folder). I guess these are expired subkeys
which I somehow deleted from my keyring, but why would the private keys
still be present?

Regards,
Viktor





Re: Should always add myself as recipient when encrypting?

2016-03-21 Thread Viktor Dick
On 21.03.2016 10:44, Paolo Bolzoni wrote:
> Dear list,
> 
> The subject pretty much says it all already, I am using GnuPG 2.1.11
> (with libgcrypt 1.6.5) and I was wondering if I should always add
> myself as recipient when encrypting a file, of course, in addition of
> the real recipient.
> 
> Is there a reason not to?

Hi,
I guess if you have a reason to keep a copy in your 'Sent' folder
(talking about email now) you have a reason to also encrypt to yourself.
Especially for IMAP, where all your email correspondence is synced
between multiple devices, you will not want to keep the cleartext file
only on one machine and you will not want to put the cleartext on the
server, so you will encrypt it to yourself and store the result on the
server.

One might argue that you should send a file that is only encrypted to
your recipient and store a file that is only encrypted to yourself, so
if one of you deletes his copy, the attack opportunities are also reduced.

I know that Enigmail has the option to save draft messages encrypted to
oneself, but I am not sure what it does with encrypted sent messages.

Regards,
Viktor





Re: EasyGnuPG

2016-03-21 Thread Viktor Dick
On 21.03.2016 18:38, Peter Lebbing wrote:
> $ gpg2 -Ar de500b3e -e file.txt
> 
> is nicer than:
> 
> $ gpg2 -o file.txt.gpg -r de500b3e -e file.txt

Actually, it seems that if you omit -o, gpg2 will do exactly this.

Regards,
Viktor





Re: (OT) mathematicians-discover-prime-conspiracy

2016-03-19 Thread Viktor Dick
On 2016-03-18 13:18, Peter Lebbing wrote:
> Can someone point me in the direction of the solution to this
> counterintuitive probability theory result? Any of a common name for the
> property, a mathematical explanation or an intuitive explanation are
> much appreciated!

Any match of a pattern (HH or HT) to a sequence of coin tosses can be
either aligned (i.e., starting at the first/third/fifth etc. toss) or
misaligned (second/fourth etc.). If you count the number of aligned
matches in a sequence of a given length, you will get the same
probability regardless of the pattern. The same with the misaligned
matches. However, the number of aligned and misaligned matches is not
independent. For HH, they are correlated (if one pair of tosses is a
match, the two overlapping ones are each matches with probability 0.5
instead of 0.25) while for HT they are anticorrelated (if one pair is a
match, the overlapping ones can't be matches). Therefore, you will find
more matches for HH than for HT. If you toss until you get a result,
with HT you will get it quicker on average.

Regards,
Viktor
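The argument above, made exact in Python as an added example (not code from the original post): enumerating every sequence of n tosses shows that HH and HT have the same expected number of matches but that the HH count has the larger variance (its matches cluster, HT matches exclude each other), and a small absorbing Markov chain over pattern prefixes gives the expected waiting times, 6 tosses until the first HH against 4 until the first HT. The function names are this example's own, and it works for any pattern over H/T, not only the two in the post.

```python
"""Same expected number of matches, different waiting time: HH vs HT.

Added example, not from the original mailing-list post. Two exact
computations with fair coins:
1. enumerate all 2**n toss sequences and compare mean and variance of
   the (overlapping) match count for a pattern;
2. expected waiting time until the first occurrence, solved from the
   pattern's prefix automaton (an absorbing Markov chain).
"""
from fractions import Fraction
from itertools import product


def count_matches(seq: str, pattern: str) -> int:
    """Number of (possibly overlapping) positions where pattern occurs in seq."""
    k = len(pattern)
    return sum(1 for i in range(len(seq) - k + 1) if seq[i:i + k] == pattern)


def match_count_stats(pattern: str, n: int):
    """Exact mean and variance of the match count over all 2**n sequences."""
    counts = [count_matches("".join(s), pattern) for s in product("HT", repeat=n)]
    total = len(counts)
    mean = Fraction(sum(counts), total)
    var = Fraction(sum(c * c for c in counts), total) - mean * mean
    return mean, var


def expected_wait(pattern: str) -> Fraction:
    """Expected number of fair tosses until pattern first appears.

    State j = length of the longest prefix of pattern that matches the end
    of the tosses so far. Tossing c from state j moves to the longest prefix
    of pattern that is a suffix of pattern[:j] + c; reaching state k is the
    absorbing 'found' state. The equations E[j] = 1 + (E[next(j,H)] +
    E[next(j,T)]) / 2, E[k] = 0 are solved exactly by Gaussian elimination.
    """
    k = len(pattern)

    def step(j: int, c: str) -> int:
        s = pattern[:j] + c
        for length in range(min(k, len(s)), -1, -1):
            if s.endswith(pattern[:length]):
                return length
        return 0

    # Linear system A x = b in the unknowns E[0..k-1].
    A = [[Fraction(0)] * k for _ in range(k)]
    b = [Fraction(1)] * k
    for j in range(k):
        A[j][j] += 1
        for c in "HT":
            nxt = step(j, c)
            if nxt < k:
                A[j][nxt] -= Fraction(1, 2)
    # Gauss-Jordan elimination over exact fractions.
    for col in range(k):
        piv = next(r for r in range(col, k) if A[r][col] != 0)
        A[col], A[piv] = A[piv], A[col]
        b[col], b[piv] = b[piv], b[col]
        inv = 1 / A[col][col]
        A[col] = [a * inv for a in A[col]]
        b[col] *= inv
        for r in range(k):
            if r != col and A[r][col] != 0:
                f = A[r][col]
                A[r] = [ar - f * ac for ar, ac in zip(A[r], A[col])]
                b[r] -= f * b[col]
    return b[0]  # E[0]: nothing matched yet


if __name__ == "__main__":
    for pat in ("HH", "HT"):
        mean, var = match_count_stats(pat, 10)
        print(f"{pat}: matches in 10 tosses mean={mean} var={var}, "
              f"expected wait={expected_wait(pat)}")
```

The means printed for both patterns are identical (9/4 for ten tosses), which is the part of the post that surprises people; the variance and the waiting time are where the patterns differ.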





Re: Remove photos from OpenPGP key in the keyservers

2016-03-08 Thread Viktor Dick
On 08.03.2016 16:33, Daniel Kahn Gillmor wrote:
> Sorry, but no.  The keyservers are globally-synced and append-only.  you
> will not be able to remove stuff once it's posted there.

I always wondered what would happen if someone uploaded something to the
keyservers where he has no permission to do so. Maybe some revealing
photograph of someone. It might also be possible to somehow use the
keyservers for file sharing, although it might be difficult to do so
since they probably have a file size limitation. How do keyservers
manage DMCA claims?

Regards,
Viktor





Re: Encryption of multiple files into another directory

2016-03-05 Thread Viktor Dick
On 05.03.2016 19:33, Josef Carnap wrote:
> It looks as if  the files simply were copied to folder_2. But when I try
> to open the *.docx files with Libre Office for example I can see that
> doesn't work.
> So I guess the very problem ist the missing file extension *gpg for the
> files in folder_2.
> 
> Do you have any idea to modify the command so that the files in folder_2
> are: foo1.docx.gpg, foo2.docx.gpg, foo3.docx.gpg etc. (without renaming
> the files manually)?

Hi,
the filenames are not important for the content of the files. If you run
the 'file' command on the files (i.e., "file
/media/usb/folder_2/foo1.docx"), it should tell you that these are
indeed gpg-encrypted files. You can simply rename the files to add the
'.gpg' extension if you want. The original command can be modified as

for x in /media/usb/folder_1/*; do gpg2 -o "/media/usb/folder_2/$(basename "$x").gpg" -r 0x12345678 -e "$x"; done

if you want to append the extension directly.

Best regards,
Viktor
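The same procedure in Python, as an added example that is not code from the post or from GnuPG: it walks the source directory, derives the `<name>.gpg` output name, and invokes gpg2 with an argument list rather than through a shell, so file names containing spaces, quotes or glob characters need no quoting. It also skips subdirectories and any output that already exists, so a rerun never overwrites ciphertext. The `-o`, `-r` and `-e` options are the ones from the post; `--batch`, the injectable `runner` and the constructed sample files in `demo()` are this example's own assumptions, added so the logic can be exercised without a GnuPG installation.

```python
"""Encrypt every regular file in folder_1 to folder_2/<name>.gpg.

Added example, not the post's own code. Assumes a gpg2 binary on PATH
that accepts `-o OUT -r KEYID -e IN`; the runner argument lets a test
substitute a fake encryptor so the example runs offline.
"""
import subprocess
import tempfile
from pathlib import Path
from typing import Callable, List, Sequence, Union

Runner = Callable[[Sequence[str]], None]
PathLike = Union[str, Path]


def run_subprocess(argv: Sequence[str]) -> None:
    """Default runner: no shell, so argv items reach gpg2 exactly as given."""
    subprocess.run(list(argv), check=True)


def build_command(src: PathLike, dst: PathLike, keyid: str,
                  gpg: str = "gpg2") -> List[str]:
    """argv for encrypting src to dst; --batch keeps gpg2 from prompting."""
    return [gpg, "--batch", "-o", str(dst), "-r", keyid, "-e", str(src)]


def encrypt_directory(src_dir: PathLike, dst_dir: PathLike, keyid: str,
                      runner: Runner = run_subprocess,
                      gpg: str = "gpg2") -> List[Path]:
    """Encrypt each regular file in src_dir to dst_dir/<name>.gpg.

    Subdirectories and other non-regular entries are skipped, as is any
    file whose output already exists. Returns the outputs written now.
    """
    src_dir, dst_dir = Path(src_dir), Path(dst_dir)
    dst_dir.mkdir(parents=True, exist_ok=True)
    written: List[Path] = []
    for src in sorted(src_dir.iterdir()):
        if not src.is_file():
            continue
        dst = dst_dir / (src.name + ".gpg")
        if dst.exists():
            continue  # idempotent: never clobber earlier ciphertext
        runner(build_command(src, dst, keyid, gpg))
        written.append(dst)
    return written


def demo() -> dict:
    """Constructed sample run with a fake gpg2 (no real encryption)."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "folder_1"), Path(tmp, "folder_2")
        src.mkdir()
        for name, body in (("foo1.docx", "first"), ("foo 2.docx", "second")):
            (src / name).write_text(body)
        (src / "sub").mkdir()  # must be skipped

        def fake_gpg(argv: Sequence[str]) -> None:
            # Stand-in for `gpg2 -o OUT -r KEY -e IN`: copies with a marker.
            out = Path(argv[argv.index("-o") + 1])
            inp = Path(argv[argv.index("-e") + 1])
            out.write_text("ENC:" + inp.read_text())

        first = encrypt_directory(src, dst, "0x12345678", runner=fake_gpg)
        second = encrypt_directory(src, dst, "0x12345678", runner=fake_gpg)
        return {
            "written": sorted(p.name for p in first),
            "rerun_written": len(second),
            "cipher": (dst / "foo 2.docx.gpg").read_text(),
        }


if __name__ == "__main__":
    print(demo())
```

For a real run, call `encrypt_directory("/media/usb/folder_1", "/media/usb/folder_2", "0x12345678")` with the default runner; the argument-list form is what makes the quoting in the shell version unnecessary.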






Re: advice please

2015-12-27 Thread Viktor Dick

On 2015-12-27 07:11, Rob Landau wrote:
> Good day,  I have just received my first Linux system (Ubuntu
> 14.04)  It has Seahorse installed, but I don't see any GnuPG
> application.  How can I determine if there is a GnuPG installed,
> and if so where to find it. Searching the Dash for GnuPG reveals
> nothing, and there doesn't appear to be any program in the Ubuntu
> Software Center

If I remember correctly, the set of 'applications' on an Ubuntu system
is only a subset of the set of packages. Specifically, applications
are only programs that, when installed, have entries in the menu (or
its Unity replacement). Programs that are console-only are usually not
listed in the menu and it is possible that they are also not listed in
the Software Center.
So the fact that there is no application called gnupg does not mean
that gnupg is not installed. It probably is. Maybe just open a
terminal and type 'gnupg', that way you can be sure.

Regards,
Viktor


Re: protecting pub-keys from unwanted signatures

2015-08-16 Thread Viktor Dick
On 16.08.2015 16:26, Stefan Claas wrote:
> if i understand you correctly it would not help me if someone
> would sign my key without my approval, so to speak.

Sure it helps. If Alice signs my key and Bob wants to send me something
and trusts Alice, he can derive some trust that my key is also genuine.
One could argue that anyone who I do not know and who anyhow signs my
key will probably not be (rightfully) trusted by anyone. However, some
magazines (I'm thinking of c't) for example might put their fingerprint
on each issue and someone who buys it might sign their key so that some
friend of theirs who has no direct access to that can still be somehow
sure that the key is correct.

I haven't looked at Facebook's public key, but let's assume that I want
to send them an e-mail and tell my client 'get the key of
i...@facebook.com'. It will download the key with a lot of signatures,
some of which might be owned by someone in my web of trust. This person
has probably just checked that the fingerprint given on their webpage
matches the one of this particular key, but then that's something I do
not need to check myself.

(Not sure if that should be enough to sign a key, though...)

Kind regards
Viktor





Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 2015-07-30 16:39, MFPA wrote:
> On Thursday 30 July 2015 at 1:43:35 PM, in
> mid:55ba1bf7.4090...@enigmail.net, n...@enigmail.net wrote
>> BTW, as another example, several keys of
>> t...@gpgtools.org are faked (search for these keys and
>> the interesting result).
>
> Sorry, I don't see a result that leaps out at me as interesting. Are
> you willing to elaborate?

I'd say if one searches on a keyserver, it is pretty clear which key is
real. I'm a bit worried because when I search with Enigmail it does not
show the signatures, so from there they all seem equally valid.

Regards,
Viktor





Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 31.07.2015 01:11, MFPA wrote:
> Only if you download the key from the GPGTools website and find the
> key-id first. (If the GPGTools team shows their key ID or Fingerprint
> on their website, I failed to find it.)
On the front page they have 'to verify the signature, please download
and import our updated key' right below the download button. There is
no fingerprint, but the whole key is there.
But I was talking about the fact that of the six results, one has
hundreds of signatures. Sure, in the web of trust concept this doesn't
mean anything unless there is a (short) trust chain from me to one of
these, but in practice this still significantly raises the chance that it
is the correct key (and it is, I checked with the one on their homepage).

> My output from searching a keyserver for gpgtools.org:-
'gpg --search-keys' does not seem to give a list of signatures (which
explains why enigmail also doesn't), I was searching using a web
interface. I guess this is because it is assumed that signatures do not
mean anything without a trust chain. But if I had to bet money on one of
the keys, I would still take the one with hundreds of signatures.

> However, what would be different if one of the keys found happened to
> carry one of your proposed email address validation signatures?
If I could quickly check (or rather, my client could do that
automatically) that the signature is also found on their web page, I can
assume that either the web page is fake (which is unlikely for something
known like ccc.de), it has been hacked (unlikely for a random troll) or
someone intercepted either my HTTP request or the original verification
e-mail (possible with a secret service, unlikely with a troll).
Therefore, it will raise my estimated probability that the owner of the
key also has access to the mailbox, which will pretty surely now be much
higher than for any fake key.
The advantage with respect to the proof of work concept is that the
procedure is asymmetric: it costs much more to troll than to verify a
genuine key.

Best regards,
Viktor





Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 2015-07-30 10:17, Ingo Klöcker wrote:
 I'm sorry to tell you that you have fallen into the trap. There is only one
 genuine pg...@ct.heise.de key the fingerprint of which is printed in each
 issue of the c't magazine. The other one is a fake. And the fact that the
 fake key with the author's email address is signed by different keys only means
 that a lot of people have signed this fake key without following the proper
 procedure of key validation (or that the trolls created even more fake keys
 to sign the author's fake key to make it look more credible).

Not according to
http://www.heise.de/security/dienste/PGP-Schluessel-der-c-t-CA-473386.html
where three different keys are listed (two DSS and one RSA).





Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 2015-07-29 18:24, n...@enigmail.net wrote:
 So, could somebody explain in a bit more detail how a PoW approach works?

As far as I understand it, for any key that you have - regardless
whether you have access to the mail address in the uid - you can add
some signature where anyone with the public key can quickly check that
the person that possesses the private key has spent a specific amount of
computing power (e.g., 1 week with an average PC) to create this
signature. It is hard to create the signature (impossible without the
private key, a lot of computing power with it) but easy to check.
Essentially, you create the possibility to make a key 'premium' by
spending this time and hope that trolls who flood the keyservers with
fake keys will be deterred by the costs. Anyone who does not have any
problem with trolls can of course still upload a non-premium key.

I myself find the idea not so appealing. I would not like it if after
creating a key my machine had high CPU load for a couple of weeks. And I
doubt that many trolls will be deterred by it - the number of fake keys
per time interval will go down, but since they are anyhow going out of
their way to create problems for others without any gain for themselves,
I think a significant portion will still do it even if it costs more.

I rather like the idea of servers that offer to sign your key (or rather
a specific UID) and send it to your email, encrypted to you. For the
user this just means that if he has the problem of trolls using his
address he has to send his key to such a server or upload it in a
webinterface, then receive the mail, decrypt it and import the contained
signatures to his key, and optionally upload his new key to a keyserver
- with enigmail, for example, everything done within a few clicks.
Anyone who looks for a key to a specific mail address on a keyserver
will probably, when faced with multiple results, take the one that has
most signatures (and isn't expired) - especially if some of the
signatures are from email-verification-sounding hostnames. Therefore,
there is no necessity to create a whitelist of servers (but it can be
done, if a user decides to trust signatures of a specific server) and it
is still decentralized - anyone can set up such a verification server.
Of course with a lot of effort, a troll could still try to create a
complete fake network and cross-sign different keys. But here the amount
of work to be done for a troll is much bigger than that for a genuine
user, so hopefully it will not be a problem. It would also be possible
to check for known services if the signature is actually theirs (by
checking the key with that on the homepage or something like that), but
of course it should have been possible to do that with the original
recipient already...

These signatures should expire after a year or so, so keys where the
owner no longer has access to the private key will lose these signatures
after a while. I myself have two older keys from early experiments
(where I did not specify an expiry date) uploaded to the keyserver
network, but I guess anyone who looks me up will take my current key,
because it has much more subkeys (which I now change every year) and
also some signatures.

Now that I think about it - if I search for the original author of the
c't article (j...@ct.de), who complained about getting mails that were
encrypted to some fake key, I would assume that the keys 38EA4970 and
E1374764 are both genuine, because they both have not only selfsigs.
BTW, they are both signed by different keys with the UID
'pg...@ct.heise.de', so they already have a similar service in place -
of course I had to do a websearch to find if these keys are genuine,
which should probably be easier. I guess ideally the UID would contain a
weblink to a page that has the fingerprint and describes the service
shortly.

Regards,
Viktor
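The proof-of-work idea described at the top of this post, as an added illustration that is not part of this thread or of any GnuPG code: a nonce is searched for until the hash over the key fingerprint and the nonce has a required number of leading zero bits, so producing the value costs about 2^bits hash operations while checking it costs one. The fingerprint below is a constructed value, and the `openpgp-pow:` label is an assumption of this example; the post's actual proposal also ties the nonce to the private key by putting it in a self-signature, which is left out here so the example runs stand-alone with only the standard library.

```python
import hashlib
import time

# Constructed 40-hex-digit value standing in for an OpenPGP v4 fingerprint.
SAMPLE_FINGERPRINT = "A0B1C2D3E4F5061728394A5B6C7D8E9F00112233"


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest (the 'difficulty' actually met)."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()  # leading zeros inside the first non-zero byte
        break
    return bits


def pow_digest(fingerprint: str, nonce: int) -> bytes:
    """Bind the work to one specific key: hash a label, the fingerprint and the nonce.

    The 'openpgp-pow:' label is an assumption of this example, not a defined format.
    """
    return hashlib.sha256(f"openpgp-pow:{fingerprint}:{nonce}".encode()).digest()


def mint(fingerprint: str, difficulty_bits: int) -> int:
    """Expensive side: linear search for a nonce meeting the difficulty.

    Expected cost is about 2**difficulty_bits hashes; the search is deterministic
    (starts at 0) so the result can be reproduced and checked.
    """
    nonce = 0
    while leading_zero_bits(pow_digest(fingerprint, nonce)) < difficulty_bits:
        nonce += 1
    return nonce


def verify(fingerprint: str, nonce: int, difficulty_bits: int) -> bool:
    """Cheap side: a single hash tells anyone whether the claimed work was done."""
    return leading_zero_bits(pow_digest(fingerprint, nonce)) >= difficulty_bits


if __name__ == "__main__":
    for bits in (8, 12, 16):
        started = time.perf_counter()
        nonce = mint(SAMPLE_FINGERPRINT, bits)
        spent = time.perf_counter() - started
        print(f"{bits:2d} bits: nonce={nonce:8d} found in {spent:.3f}s, "
              f"verify={verify(SAMPLE_FINGERPRINT, nonce, bits)}")
```

The timing loop makes the post's concern visible: each extra bit of difficulty doubles the minting cost but leaves the verification cost unchanged, and a determined flooder who accepts that cost is not stopped, only slowed.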
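The "take the one with the most signatures that isn't expired" heuristic from this post, and the same reasoning in the earlier reply about the gpgtools.org keys, as an added Python example that is not part of this thread or of GnuPG. It parses a constructed listing in the layout of `gpg --list-sigs --with-colons` (the field positions assumed here: field 1 record type, field 5 key ID, field 7 expiry as epoch seconds on `pub` lines, field 10 the signer's user ID on `sig` lines); all key IDs, user IDs and timestamps are made up. The third key in the sample is signed by three otherwise unknown keys, which is exactly the cross-signing scenario the post warns about, so the example also shows the heuristic being gamed.

```python
import time

# Constructed sample in the layout of `gpg --list-sigs --with-colons`.
# Three keys carry the same user ID; the last one is already expired and
# its extra signatures come from keys nobody has heard of.
SAMPLE_LISTING = """\
pub:-:2048:1:1111222233334444:1404000000:4102444800::-:::scESC::::::23::0:
uid:-::::1404000000::0123456789ABCDEF::Example Author <author@example.org>::::::::::0:
sig:::1:1111222233334444:1404000000::::Example Author <author@example.org>:13x:::::2:
sig:::1:AAAABBBBCCCCDDDD:1404100000::::Mail Verifier <verify@example.net>:10x:::::2:
sig:::1:EEEEFFFF00001111:1404200000::::Alice <alice@example.org>:12x:::::2:
pub:-:2048:1:5555666677778888:1435000000:::-:::scESC::::::23::0:
uid:-::::1435000000::FEDCBA9876543210::Example Author <author@example.org>::::::::::0:
sig:::1:5555666677778888:1435000000::::Example Author <author@example.org>:13x:::::2:
pub:-:2048:1:9999AAAABBBBCCCC:1400000000:1420000000::-:::scESC::::::23::0:
uid:-::::1400000000::1357924680ACEBDF::Example Author <author@example.org>::::::::::0:
sig:::1:9999AAAABBBBCCCC:1400000000::::Example Author <author@example.org>:13x:::::2:
sig:::1:2222333344445555:1400100000::::Mallory One <m1@example.com>:10x:::::2:
sig:::1:3333444455556666:1400100000::::Mallory Two <m2@example.com>:10x:::::2:
sig:::1:4444555566667777:1400100000::::Mallory Three <m3@example.com>:10x:::::2:
"""


def parse_listing(text: str) -> list:
    """Group sig records under their pub record, keeping distinct third-party signers."""
    keys = []
    current = None
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            expires = int(fields[6]) if fields[6].isdigit() else None  # '' = no expiry
            current = {"keyid": fields[4], "expires": expires,
                       "signers": set(), "signer_uids": []}
            keys.append(current)
        elif fields[0] == "sig" and current is not None:
            signer = fields[4]
            # A self-signature says nothing about anyone else vouching for the key.
            if signer != current["keyid"] and signer not in current["signers"]:
                current["signers"].add(signer)
                current["signer_uids"].append(fields[9])
    return keys


def rank_candidates(keys: list, now: float = None) -> list:
    """Drop expired keys, then order by number of distinct third-party signers."""
    now = time.time() if now is None else now
    live = [k for k in keys if k["expires"] is None or k["expires"] > now]
    return sorted(live, key=lambda k: len(k["signers"]), reverse=True)


def preferred_keyid(text: str, now: float = None):
    """Key ID the heuristic would pick, or None if nothing usable is listed."""
    ranked = rank_candidates(parse_listing(text), now)
    return ranked[0]["keyid"] if ranked else None


if __name__ == "__main__":
    for key in rank_candidates(parse_listing(SAMPLE_LISTING)):
        print(key["keyid"], len(key["signers"]), key["signer_uids"])
    print("picked:", preferred_keyid(SAMPLE_LISTING))
```

Run today the script picks the first key (two distinct signers, one of them the verification-looking service), but with `now` set to a time before the third key expired it picks the cross-signed fake instead; counting signatures is a tie-breaker for a human, not a substitute for a trust path or for checking the fingerprint against the owner's web page as described in the post.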





Re: Merging private subkeys into other key

2015-07-04 Thread Viktor Dick
On 04.07.2015 14:03, Juan Miguel Navarro Martínez wrote:
 I could do it myself by importing the keys in GPG 2.1, then exporting
 them.

Hi,
thanks for the quick reply, but I am using GPG 2.1.5 and 'gpg --import
sec.key' does not seem to work if there are already other subkeys of the
same key present. I guess the patch mentioned in the link in my earlier
post has never been accepted into the source code.
In principle I also found this problematic on earlier occasions, namely
even if the key on my backup partition was up-to-date and I added a
new subkey there, it was somehow non-intuitive to get the keyrings on my
PC and laptop up-to-date. It seems it is necessary to delete the
complete key from them first and then re-import them. Or is there a
better way?






Re: Merging private subkeys into other key

2015-07-04 Thread Viktor Dick
OK, it seems that the actual problem was that --export-secret-subkeys
does not work if I leave the passphrase empty. Since my hard disks are
encrypted, I usually do not have passphrases for my secret keys and
since GnuPG 2.0 this created some problems. When I exported them with a
passphrase and imported them, giving that passphrase, they are correctly
merged into the existing key. Afterwards the passphrase can be deleted
again.
I now also understand why gnupg is always asking multiple times for a
(new) passphrase when exporting or changing the passphrase - it seems to
have a different passphrase for each subkey. Of course this is not very
helpful if the dialog does not specify which key is about to be changed.
I guess I should file a bug report for this, if I create a new subkey
every year it will take quite a while to export the complete key if I
have to type a passphrase for each of them in a few years...

Thanks,
Viktor





Merging private subkeys into other key

2015-07-04 Thread Viktor Dick
Hi,
there has already been a discussion on this two years ago, see
https://lists.gnupg.org/pipermail/gnupg-users/2013-September/047567.html

I have been following the instructions on
https://wiki.debian.org/Subkeys for some time now, with my master key
only residing on my backup disk and several machines having only the
subkeys. But now I somehow have the problem that only an older version
of the master key is still there, so I have one keyring with the master
secret key but without the most recent subkeys and another with the most
recent subkeys but without the master key. Does anyone have an idea how
to merge them? Using --import results in
###
gpg: Total number processed: 2
gpg:  unchanged: 1
gpg:   secret keys read: 2
###
I also tried
###
$ gpg --homedir /mnt/backup/.gnupg --expert --edit-key keyid
gpg> addkey
Please select what kind of key you want:

  (13) Existing key
Your selection? 13
Enter the keygrip: output from gpg --with-keygrip -K
No key with this keygrip
###

I am not sure what the keygrip is, but I guess it is only valid within
the same keyring or something?

Any help is greatly appreciated. In a month or so I need to create new
subkeys and I would rather not lose my current subkeys.

Regards,
Viktor




