MUA automatically signs keys? (was: Re: Non email addresses in UID)
Hi Steve, gnupg users, * Steve Jones st...@secretvolcanobase.org [24. Jan. 2014]: Which reminds me that I'd really like an email client that automatically signs keys at level 1 (persona) of anyone who replies with a signed email that quotes a significant portion of the text I sent, as this effectively counts as a challenge response protocol in my book. That's an interesting idea. But there is still the possibility of a man in the middle attac... The web of trust is supposed to counter MITM attacks by signing keys only if the verification was done directly (no middle person). Ciao, Gregor -- -... --- .-. . -.. ..--.. ...-.- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 January 2014 at 11:37:25 PM, in mid:20140128233725.6b12b3d0@steves-laptop, Steve Jones wrote: A more sophisticated approach would be for OpenPGP to include a new signature type for this purpose. There are already more than enough signature types. Wouldn't this lend itself quite well to using a signature notation? - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net The greater the power, the more dangerous the abuse. -BEGIN PGP SIGNATURE- iPQEAQEKAF4FAlLpmzZXFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pOPoD/jfjg+2GAHzjy9XPrU7b5LR+HZuCNpP2nzcC EImp/7oEuWTEV1l/9nuUcK9mXzt0JSOsDvALilC9HEvhW82y3vj0kPWh3oz0BCo1 uo2W+n5Q8GDRsIBDXYKkHyBIwJKac2Z++QURPcADdYtf+IJchEJP2KUcbbk5UOtq nw75NoVs =nY4e -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 24 January 2014 at 11:08:16 PM, in mid:20140124230816.6ec33e69@steves-laptop, Steve Jones wrote: I'd really like an email client that automatically signs keys at level 1 (persona) of anyone who replies with a signed email that quotes a significant portion of the text I sent I'm guessing you would want the automation to skip keys that signed messages messages that were replies to your mailing-list postings. - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net Live your life as though every day it was your last. -BEGIN PGP SIGNATURE- iPQEAQEKAF4FAlLpnC5XFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pSAgD/3eJUrZAsUf3C7geT9RhaHNkSyAf9gUvkCMg zymBKAfLuYmuACEdKsRgrgOQfkfE53dNBEHvRb2FAs+TCexut3y+qTxsA8/3dbMp pxaFnKuwubc9bUAXfAgzK1BsjMiq6zo7zjD0+1sKXDvgyuGMfL/YxqpH03VPXyyR 9JkWdZDr =RuXo -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, 30 Jan 2014 00:22:08 + MFPA 2014-667rhzu3dc-lists-gro...@riseup.net wrote: On Tuesday 28 January 2014 at 11:37:25 PM, in mid:20140128233725.6b12b3d0@steves-laptop, Steve Jones wrote: A more sophisticated approach would be for OpenPGP to include a new signature type for this purpose. There are already more than enough signature types. Wouldn't this lend itself quite well to using a signature notation? Yes, in fact a policy url may be even more appropriate. - -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJS6aWPAAoJEEgVHtdrBwIARAsH/18vWhC4H+9HZlf+t8/ITrkr gqs4nV9M30M3k3o6d/Zj0eCn15Wj0cuaAem5o3oW/owXmvaM1GBkkoqDcnNlfN8S SQwKqNW01KuFYYel9fa37ahgM6I6LrgeRj6R24MehNN1tzPas8RTCJb+WcGgaROY 9niJF0LlgqhHEptvvBgrzMRV5LY6/gXOkLULohyhG7Md4tud98TAPD68hUo/A+in wVWBnIu/Gjjva29Je5l68l40AhCRclCA6Jg2qV7pSqexkQMXHS6aJcTKuj64TKc6 u2UdUtQq+XdeP6/k3jGhTuMkxcZtq0p41RK4KTqLYF1F09e9EOq7bUK1Mtd02Ps= =Zaxx -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Fri, Jan 24, 2014 at 11:08:16PM +, Steve Jones wrote: [...] Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to that blog. [...] Wouldn't it be better to publish unencrypted (and unsigned) a challenge received encrypted? As signing unknown data should be avoided, as noone knows whether this data won't ever have a real meaning one does not intend to mean. Hope this message is not syntactically flawed to the point of being meaningless, Leo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Tue, 28 Jan 2014 20:13:30 +0100 Leo Gaspard ekl...@gmail.com wrote: On Fri, Jan 24, 2014 at 11:08:16PM +, Steve Jones wrote: [...] Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to that blog. [...] Wouldn't it be better to publish unencrypted (and unsigned) a challenge received encrypted? As signing unknown data should be avoided, as noone knows whether this data won't ever have a real meaning one does not intend to mean. The challenge would not need to be the sole content of the message that is signed, so long as it is contained in the signed content. A simple human readable message to the effect that the signature is for response to a challenge should suffice. A more sophisticated approach would be for OpenPGP to include a new signature type for this purpose. -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Fri, 24 Jan 2014 12:15:40 -0500 Daniel Kahn Gillmor d...@fifthhorseman.net wrote: There are already systems that make use of the flexibility in this field. For example SSH hosts can publish their RSA host key in an OpenPGP certificate using the monkeysphere (i'm a contributor to the monkeysphere project): http://web.monkeysphere.info/ This looks pretty cool, and does cover some of the things I've been thinking about. I've been wondering about communications secured with OpenPGP, it strikes me that it's not really necessary to even involve SSL; and the nightmares that seems to involve. Does monkeysphere have any aims to do complete connection security via OpenPGP? Other people advocate including a human-readable name without an e-mail address as a User ID, so that you can refer to a person without making any claim about e-mail addresses (i'm don't find the utility of this use case particularly convincing myself, but it doesn't seem terrible). The use case for this would match more closely what the GPG manpage and the PGP key signing party protocol dictate; i.e. that participants verify state issued photo Id to confirm the name of the key holder is their real name - none of my state issued Id has my email address on it. Plus it makes a bit more sense in the case of multiple UIDs, one for your name and possibly many for your email address. So the general question you're asking about is being done already. As for facebook or openid or webforums other identifiers, i don't think those have been particularly well-thought through yet. Under what circumstances would you use them? My thinking is that identity as it is used on the Internet (or the world in general) doesn't really match the way OpenPGP is used. To take an obscure example: some people have noticed that Github has no verification that commits submitted in repositories are actually made by the users registered with those name and email addresses with them, nor can it. This makes it possible, and some trolls have, to impersonate Github users. Git allows for signing commits with keys, but there's not really any way to associate those keys with accounts. Sticking the URL of a Github account in a UID field and having other contributors to a project sign that UID makes it possible to cross verify commits with users. Note that at no stage in this processes is Github required to implement or do anything and no-one's state confirmed identity is involved. Github could of course sign that URL UID if they wished to without saying anything about the user's passport. So I'm led to the idea that associating keys with areas on the web where a person's work, writings, etc... are known is more important than some sort of confirmation of a person's name, which is not even a unique identifier. If, for example, you'd signed your commits to monkeysphere I'd be able to verify your claim that you are a contributor to it (not that I doubt, or have any reason to doubt that). -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
I think it makes a lot of sense to be able to associate more things with OpenPGP keys. I'm particularly interested in seeing OTR keys and XMPP identities in OpenPGP keys. .hc On 01/23/2014 05:50 PM, Steve Jones wrote: I've been thinking about UIDs in keys, rfc4880 section 5.1 says that by convention a UID is an rfc2822 email address but this is not a requirement[1]. Gnupg does enforce that restriction unless you explicitly disable it. It would seem to make sense to include other strings that can identify a user, many people have various URLs which could be said to relate to their identity, Facebook accounts, blogs etc... It could potentially be useful to be able to associate a key with these other identities, i.e. if you get an email purporting to be from someone you only know on a webforum it would be useful to be able to verify this. I'm curious what other people on this list think of this. [1] http://tools.ietf.org/html/rfc4880#section-5.11 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On 01/24/2014 12:48 PM, Steve Jones wrote: On Fri, 24 Jan 2014 12:15:40 -0500 Daniel Kahn Gillmor d...@fifthhorseman.net wrote: http://web.monkeysphere.info/ This looks pretty cool, and does cover some of the things I've been thinking about. I've been wondering about communications secured with OpenPGP, it strikes me that it's not really necessary to even involve SSL; and the nightmares that seems to involve. Does monkeysphere have any aims to do complete connection security via OpenPGP? what do you mean complete connection security via OpenPGP? OpenPGP is not a stream-based communications protocol, it's a specification of a message format and a certificate format. Inventing a new stream-based communications protocol from scratch and shoehorning it into OpenPGP doesn't sound like a great idea to me. Monkeysphere uses OpenPGP's certificate format to provide a way for people to verify the keys used in SSH and TLS (and elsewhere -- OTR would be a lovely addition, for example). It does not intend to supplant those communications techniques. So I'm led to the idea that associating keys with areas on the web where a person's work, writings, etc... are known is more important than some sort of confirmation of a person's name, which is not even a unique identifier. If, for example, you'd signed your commits to monkeysphere I'd be able to verify your claim that you are a contributor to it (not that I doubt, or have any reason to doubt that). how are other people going to verify these propose User IDs? If you make a data element a subkey or a notation in your self-signature, you are not asking other people to attempt to certify it. If you make the same data element a User ID or User Attribute, then you are effectively putting it out there for other people to attempt to verify and then certify. If you came to me and said I am the person who blogs at https://www.example.com/stevejones; , how am i supposed to verify that? when would you want me to certify it? --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Non email addresses in UID
On Fri, 24 Jan 2014 17:16:28 -0500 Daniel Kahn Gillmor d...@fifthhorseman.net wrote: what do you mean complete connection security via OpenPGP? OpenPGP is not a stream-based communications protocol, it's a specification of a message format and a certificate format. Inventing a new stream-based communications protocol from scratch and shoehorning it into OpenPGP doesn't sound like a great idea to me. OpenPGP is a packetised data format. There's nothing stopping it being used to send a stream of encrypted and signed data packets. The main thing you lose is the complicated and messy handshake at the start which seems to be the cause of so many implementation bugs. You do loose the possibility of perfect forward secrecy though. It was more an idle musing than anything else though. how are other people going to verify these propose User IDs? If you make a data element a subkey or a notation in your self-signature, you are not asking other people to attempt to certify it. If you make the same data element a User ID or User Attribute, then you are effectively putting it out there for other people to attempt to verify and then certify. If you came to me and said I am the person who blogs at https://www.example.com/stevejones; , how am i supposed to verify that? when would you want me to certify it? Well the simplest way would be if I signed my blog posts. It's easy enough to verify that my emails and posts are signed with the same key. Cryptographically easy that is, the existing tools are not so good for this kind of method of operation. Otherwise by usual web of trust means. If people who know me by other means are convinced that that blog is mine they can sign that UID, in the same manner as people could sign a photo attribute if they know what I look like. Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to that blog. Which reminds me that I'd really like an email client that automatically signs keys at level 1 (persona) of anyone who replies with a signed email that quotes a significant portion of the text I sent, as this effectively counts as a challenge response protocol in my book. -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Non email addresses in UID
I've been thinking about UIDs in keys, rfc4880 section 5.1 says that by convention a UID is an rfc2822 email address but this is not a requirement[1]. Gnupg does enforce that restriction unless you explicitly disable it. It would seem to make sense to include other strings that can identify a user, many people have various URLs which could be said to relate to their identity, Facebook accounts, blogs etc... It could potentially be useful to be able to associate a key with these other identities, i.e. if you get an email purporting to be from someone you only know on a webforum it would be useful to be able to verify this. I'm curious what other people on this list think of this. [1] http://tools.ietf.org/html/rfc4880#section-5.11 -- Steve Jones st...@secretvolcanobase.org Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896 signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
