Re: PGP for official documents / eIDAS and ZertES

2017-10-10 Thread Ben McGinnes
On Tue, Oct 10, 2017 at 08:40:38AM +, ankostis wrote:
> But it doesn't have to be XML!
> Besides ETSI, the European organization implementing eIDAS has 3 "standards"
> (e.g. [1]):
> XAdES (XML), PAdES (PDF), CAdES, though I doubt the last one has any
> modern use.
> 
> Why not push them for a new PGPADES standard?

For the same reason as not wanting to wrestle crypto and XML into one
working thing: I'd like to keep the hair I have and not see it go as
white as Ray Wise playing Leland Palmer and just as quickly.


Regards,
Ben


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: PGP for official documents / eIDAS and ZertES

2017-10-10 Thread ankostis
But it doesn't have to be XML!
Besides ETSI, the European organization implementing eIDAS has 3 "standards"
(e.g. [1]):
XAdES (XML), PAdES (PDF), CAdES, though I doubt the last one has any modern use.

Why not push them for a new PGPADES standard?

Best,
  Kostis

[1] https://blogs.adobe.com/security/91014620_eusig_wp_ue.pdf

On 2 June 2017 at 22:37, Ben McGinnes  wrote:
> On Fri, Jun 02, 2017 at 09:39:51PM +0200, Werner Koch wrote:
>> On Wed, 31 May 2017 19:34, ankos...@gmail.com said:
>>
>> |  >>I have some questions related to XML-Dsig:
>> |  >
>> |  >Argghh!! Run away!
>> |
>> |  A near-universal reaction.
>>
>> XML crypto can be summarized as
>> we-repeat-all-bugs-the-other-two-protocols-meanwhile-fixed-and-add-extra-complexity-for-even-more-fun
>> See also 
>
> I like XML, it's very good at what it was originally intended for.  I
> like crypto, and specifically OpenPGP, too and for much the same
> reasons ...
>
> I am *not*, however, crazy enough to even consider attempting this.
> That way lies only madness and ruin.  Or, to put it another way, I
> listened to Peter the first time around.  ;)
>
>> ps. I already have my share of grey hair from implementing X.509/CMS.
>> There is not enough left for an XML crypto endeavor.
>
> Mine's not expendable either and I didn't need to go anywhere near
> X.509 to know that.
>
> The closest anyone should get to that sort of thing is "I have foo.xml
> and I've signed it, I now also have foo.xml.sig" and that's it.
>
>
> Regards,
> Ben
>
> P.S.  You heard me say "no" right?  Just checking ...



Re: PGP for official documents / eIDAS and ZertES

2017-06-02 Thread Ben McGinnes
On Fri, Jun 02, 2017 at 09:39:51PM +0200, Werner Koch wrote:
> On Wed, 31 May 2017 19:34, ankos...@gmail.com said: 
> 
> |  >>I have some questions related to XML-Dsig:
> |  >
> |  >Argghh!! Run away!
> |
> |  A near-universal reaction.
> 
> XML crypto can be summarized as
> we-repeat-all-bugs-the-other-two-protocols-meanwhile-fixed-and-add-extra-complexity-for-even-more-fun
> See also 

I like XML, it's very good at what it was originally intended for.  I
like crypto, and specifically OpenPGP, too and for much the same
reasons ...

I am *not*, however, crazy enough to even consider attempting this.
That way lies only madness and ruin.  Or, to put it another way, I
listened to Peter the first time around.  ;)

> ps. I already have my share of grey hair from implementing X.509/CMS.
> There is not enough left for an XML crypto endeavor.

Mine's not expendable either and I didn't need to go anywhere near
X.509 to know that.

The closest anyone should get to that sort of thing is "I have foo.xml
and I've signed it, I now also have foo.xml.sig" and that's it.


Regards,
Ben

P.S.  You heard me say "no" right?  Just checking ...




Re: PGP for official documents / eIDAS and ZertES

2017-06-02 Thread Werner Koch
On Wed, 31 May 2017 19:34, ankos...@gmail.com said:

> More detailed, from the three standards supported, only the last one,
> XML-sig, supports PGP: https://www.w3.org/TR/xmldsig-core/#sec-PGPData

That looks pretty much like a re-specification of PKCS#15 which also has
provisions for PGP and SPKI.  However, I have never seen an
implementation of that and the whole spec is heavily underspecified to
actually implement something based on this.  PKCS#15 at least tried to
unify existing protocols for tokens. 

|  >>I have some questions related to XML-Dsig:
|  >
|  >Argghh!! Run away!
|
|  A near-universal reaction.

XML crypto can be summarized as
we-repeat-all-bugs-the-other-two-protocols-meanwhile-fixed-and-add-extra-complexity-for-even-more-fun
See also 

If someone really likes that stuff and wants to give it a try, I would
suggest writing it along the lines of GnuPG's gpgsm tool so that it has
a similar external interface.  Adding this tool to GPGME would then be
the simple part.


SCNR,

   Werner



ps. I already have my share of grey hair from implementing X.509/CMS.
There is not enough left for an XML crypto endeavor.

-- 
Thoughts are free.  Exceptions are governed by a federal law.




Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Daniel Pocock


On 31/05/17 19:34, ankostis wrote:
> On 31 May 2017 at 15:14, Daniel Pocock  wrote:
>>
>> Are the CMS, PDF or XML standards flexible enough that a PGP signature
>> could be used within any of them and thereby satisfy the legislation?
> 
> IANAL, but I would agree with Reiner that the implementing acts are not
> technology-neutral.
> In more detail, of the three standards supported, only the last one,
> XML-sig, supports PGP: https://www.w3.org/TR/xmldsig-core/#sec-PGPData
> 

Are there any basic examples of using XML-sig with GnuPG for signing and
verifying?

Are there any specific attributes that need to be included in a key used
for eIDAS?  E.g. does the legislation expect the photo or even something
like home address or date of birth, or just the name and email address
is sufficient?


> 
> 
>>> There are quite heavy
>>> legal and organization layers on top of the technology that assure
>>> security levels, notification (mutual acceptance) and cooperation
>>> procedures.
> 
> Regarding organizational issues, there is nothing in eIDAS *in principle*
> that forbids a company from using XML-sig with PGP.
> But it would be interesting how the "national authorities" would react
> in practice,
> should they receive such a request from a company.
> If it would work, for certain, these 2 German companies would have a 
> head-start.
> 

There are a couple of scenarios:

- for submitting documents to national authorities, some types of
submission (e.g. a tax return without any refund due) are a one-way
process.  The person submitting the document can assert they submitted
it in compliance with the law and it is then a problem for the national
authority to make sure their IT systems are reading valid PGP
signatures.  We will see some of them start advertising vacancies for
consultants with PGP expertise at the point people start submitting
PGP-signed documents.

- for business-to-business or consumer-to-business transactions, if a
business is willing to accept orders signed with PGP, they are making
life a lot easier for their customers.  The money the customer doesn't
have to waste on something like SuissID is money the customer can spend
with the business in question.

Another aspect of this topic: if at least one valid solution exists
(e.g. using XML-sig), then consultants specializing in PGP could tell
their customers that they offer a competitive solution compliant with
eIDAS and ZertES.

Regards,

Daniel



Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread ankostis
On 31 May 2017 at 15:14, Daniel Pocock  wrote:
>
> Are the CMS, PDF or XML standards flexible enough that a PGP signature
> could be used within any of them and thereby satisfy the legislation?

IANAL, but I would agree with Reiner that the implementing acts are not
technology-neutral.
In more detail, of the three standards supported, only the last one,
XML-sig, supports PGP: https://www.w3.org/TR/xmldsig-core/#sec-PGPData



> > There are quite heavy
> > legal and organization layers on top of the technology that assure
> > security levels, notification (mutual acceptance) and cooperation
> > procedures.

Regarding organizational issues, there is nothing in eIDAS *in principle*
that forbids a company from using XML-sig with PGP.
But it would be interesting how the "national authorities" would react
in practice,
should they receive such a request from a company.
If it would work, for certain, these 2 German companies would have a head-start.



> Thanks for the feedback about that.  Are all users likely to depend on
> all of those things, or is it possible that a PGP signature would be
> sufficient in some use cases?

Check also the "closed systems" exception in the eIDAS regulation.
Search the legal-text for this term (e.g. Art 2.2) to get a rough
understanding of this.
http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32014R0910&from=EN

Finally, I believe that a crucial point is whether the interpretation
of "assurance levels"
can also apply to PGP, and Art 16 hints that it does.
This may be the twisting-arm power for PGP to come on board eIDAS.


Thanks for bringing this subject up,
  Kostis



Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Rainer Hoerbe

> On 31.05.2017 at 15:14, Daniel Pocock wrote:
> 
> Are the CMS, PDF or XML standards flexible enough that a PGP signature
> could be used within any of them and thereby satisfy the legislation?
> Or could any of those standards potentially be amended/extended to allow
> use of PGP signatures?

CMS and PGP signatures are similar in concept, but incompatible. GPG-signatures 
could be added to xmldsig quite easily, but implementing this securely in 
different libraries would be a major undertaking. In addition, the WoT model is 
not compatible with the PKI + Trust Status Lists of eIDAS, although one could 
bridge the models, somehow.

> Thanks for the feedback about that.  Are all users likely to depend on
> all of those things, or is it possible that a PGP signature would be
> sufficient in some use cases?
> 
> In Switzerland, a number of state organizations are now accepting
> digital signatures and the Swiss Post is promoting a ZertES/eIDAS
> compliant solution, SuisseID.  However, the price[1] is quite expensive
> and even people who know nothing about PKI look at it and think it is a
> rip-off (Deutsch: ein teurer Flop[2]) and start looking for
> alternatives.  Many organizations are afraid to fully depend on it,
> especially when dealing with consumers.
> 
> It would be good to see PGP-based solutions grabbing market share before
> things like SuisseID eventually gain traction.

PGP is sufficient - I would say even better and more secure - in use cases 
where a small community leverages a trust relationship from the physical world. 
An example are CERT-employees or Federation Operators who know each other 
directly or with usually one intermediary from conferences and meetings, and 
are technically versed enough to overcome the learning curve.

eIDAS has a very different scope, trying to make electronic identities of all 
EU citizens trustworthy between member states.  It is hard to judge if SuisseID 
is expensive or not. With support and integration a price range of 50€/year is 
what enterprises pay for an employee smartcard. But I guess that even 
"expensive" cards like nPA and SuisseID are somehow subsidized by the taxpayer. 
We will probably know only in hindsight if it was worth the investment from a 
macroeconomic point of view.

PGP might grab significant market shares inside specific domains, where its 
poor usability does not matter or is covered by scripts and shells. However, as 
a competitor to eIDAS it would need a massive investment and industry + 
government support.

> 
> Does eIDAS require people to obtain their smart card or certificate in
> the country where they reside?  Or will they potentially be able to shop
> around, e.g. a Swiss person would be able to go to a German or French
> post office and get a cheaper alternative?

Not cheap, because the vetting of persons against public registers requires 
administrative procedures. AFAIK only Estonia is offering such a service as of 
now, called the e-Residency program.

- Rainer


Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Daniel Pocock


On 31/05/17 13:54, Rainer Hoerbe wrote:
> Hi Daniel,
> 
> The eIDAS regulation is replacing the national e-signature laws to make
> signatures (besides other other things) interoperable across borders.
> While the law is fairly technology-neutral, the implementation acts have
> to reference specific technologies, which are CMS, PDF- and XML
> signature, but not PGP-signature.
>

Are the CMS, PDF or XML standards flexible enough that a PGP signature
could be used within any of them and thereby satisfy the legislation?
Or could any of those standards potentially be amended/extended to allow
use of PGP signatures?


> Beyond that, even if the EU would include PGP signatures, the technical
> interoperability would just be the beginning. There are quite heavy
> legal and organization layers on top of the technology that assure
> security levels, notification (mutual acceptance) and cooperation
> procedures. IMHO none of these exist in the PGP world.
> 

Thanks for the feedback about that.  Are all users likely to depend on
all of those things, or is it possible that a PGP signature would be
sufficient in some use cases?

In Switzerland, a number of state organizations are now accepting
digital signatures and the Swiss Post is promoting a ZertES/eIDAS
compliant solution, SuisseID.  However, the price[1] is quite expensive
and even people who know nothing about PKI look at it and think it is a
rip-off (Deutsch: ein teurer Flop[2]) and start looking for
alternatives.  Many organizations are afraid to fully depend on it,
especially when dealing with consumers.

It would be good to see PGP-based solutions grabbing market share before
things like SuisseID eventually gain traction.

Does eIDAS require people to obtain their smart card or certificate in
the country where they reside?  Or will they potentially be able to shop
around, e.g. a Swiss person would be able to go to a German or French
post office and get a cheaper alternative?

Regards,

Daniel



1. https://postsuisseid.ch/en/
2.
https://www.srf.ch/sendungen/kassensturz-espresso/themen/geld/suisseid-mehr-als-ein-teurer-flop



Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Rainer Hoerbe
Hi Daniel,

The eIDAS regulation is replacing the national e-signature laws to make 
signatures (besides other things) interoperable across borders. While the 
law is fairly technology-neutral, the implementation acts have to reference 
specific technologies, which are CMS, PDF- and XML signature, but not 
PGP-signature.

Beyond that, even if the EU would include PGP signatures, the technical 
interoperability would just be the beginning. There are quite heavy legal and 
organization layers on top of the technology that assure security levels, 
notification (mutual acceptance) and cooperation procedures. IMHO none of these 
exist in the PGP world.

- Rainer


> On 31.05.2017 at 12:46, Stefan Claas wrote:
> 
> 
> 
> On 31.05.2017 at 12:18, Daniel Pocock wrote:
>> 
>> Hi Stefan,
>> 
>> Thanks for sharing these.  Unfortunately my German skills are not great,
>> could you make any comment about those companies?
>> 
>> In particular,
>> 
>> - does a signature from either of these comply with eIDAS (and therefore
>> ZertES)?
>> 
>> - what effort is required to get the signature (e.g. somebody must come
>> to Germany?)
>> 
>> Regards,
>> 
>> Daniel
>> 
> Hi Daniel,
> 
> I'm not (yet) familiar with eIDAS and can't answer that question.
> 
> For your second question: to obtain a sig3 from Governikus you need
> a German ID card, an ID card reader and the software AusweisApp2.
> 
> For a sig3 from the well known c't Magazin in Germany you have to show
> up at their booth (like CeBIT Fair, Hannover Fair or Funkausstellung in
> Berlin) with your ID card and a filled-out form (downloadable at their
> web site).
> 
> Regards
> Stefan
> 
> 
> 
> 


Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Stefan Claas



On 31.05.2017 at 12:18, Daniel Pocock wrote:


Hi Stefan,

Thanks for sharing these.  Unfortunately my German skills are not great,
could you make any comment about those companies?

In particular,

- does a signature from either of these comply with eIDAS (and therefore
ZertES)?

- what effort is required to get the signature (e.g. somebody must come
to Germany?)

Regards,

Daniel


Hi Daniel,

I'm not (yet) familiar with eIDAS and can't answer that question.

For your second question: to obtain a sig3 from Governikus you need
a German ID card, an ID card reader and the software AusweisApp2.

For a sig3 from the well known c't Magazin in Germany you have to show
up at their booth (like CeBIT Fair, Hannover Fair or Funkausstellung in
Berlin) with your ID card and a filled-out form (downloadable at their
web site).

Regards
Stefan





Re: PGP for official documents / eIDAS and ZertES

2017-05-31 Thread Daniel Pocock


On 30/05/17 22:17, Stefan Claas wrote:
> 
> 
> On 30.05.17 08:05, Daniel Pocock wrote:
>>
>> Does anybody know of certificate authorities who are willing to sign PGP
>> keys or has anybody ever looked into making that happen?
> Hi Daniel,
> 
> please check those two links:
> 
> https://pgp.governikus-eid.de/pgp/
> https://www.heise.de/security/dienste/PGP-Schluessel-der-c-t-CA-473386.html
> 

Hi Stefan,

Thanks for sharing these.  Unfortunately my German skills are not great,
could you make any comment about those companies?

In particular,

- does a signature from either of these comply with eIDAS (and therefore
ZertES)?

- what effort is required to get the signature (e.g. somebody must come
to Germany?)

Regards,

Daniel



Re: PGP for official documents / eIDAS and ZertES

2017-05-30 Thread Stefan Claas


On 30.05.17 08:05, Daniel Pocock wrote:
>
> Does anybody know of certificate authorities who are willing to sign PGP
> keys or has anybody ever looked into making that happen?
Hi Daniel,

please check those two links:

https://pgp.governikus-eid.de/pgp/
https://www.heise.de/security/dienste/PGP-Schluessel-der-c-t-CA-473386.html

Regards
Stefan






PGP for official documents / eIDAS and ZertES

2017-05-30 Thread Daniel Pocock

Hi all,

Can PGP / GnuPG be used in a way that makes signatures compliant with
the European eIDAS[1] or Switzerland's ZertES[2]?

Do those standards explicitly require X.509 based solutions?  Or could a
certificate authority sign people's PGP keys and their PGP key could
then be used for signing official documents?

Does anybody know of certificate authorities who are willing to sign PGP
keys or has anybody ever looked into making that happen?

Regards,

Daniel



1. https://en.wikipedia.org/wiki/EIDAS
2. https://en.wikipedia.org/wiki/ZertES
