Re: Signing a key (meaning)
One reason we use GnuPG for is we think it is significant likeky there's a man in the middle attack or someone has access to email accounts he should not have. Given that, what benefit does one take from knowing my communication partner has access to a certain email account? The biggest benefit is that you can actually email the person. ;-) That's through, but WHY should anybody (even an attacker) place an email address in the ID over wich they have no control? If you don't believe or know (to a reasonable degree) that a person has control of his email, then you can't communicate with them securely by email. At best, they never get the message and it's pointless. At worst, some hypothetical exploit by some hypothetical attacker compromises your communications. (Developing this hypothetical attack is left as an exercise to the reader...) Unfortunately I'm not able to develope such an attack, and think there is none of importance. Could you please help me? Thnks for answers, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 11 April 2011 at 9:18:36 AM, in mid:20110411081836.81...@gmx.net, Jan Janka wrote: but WHY should anybody (even an attacker) place an email address in the ID over wich they have no control? People make mistakes. And plenty of people have previous email addresses they no longer have access to (for example, accounts from defunct IPSs or addresses they have abandoned because of spam, or addresses on domains they used to own...). And an attacker may include an email address they are hoping/planning to gain control/access to in the future. - -- Best regards MFPAmailto:expires2...@ymail.com The problem is not that we're paranoid; it's that we're not paranoid enough. -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNotqunhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pBLkEAJxR Mw7cbnrxMCMPvAat+623OtKqQ+n3PhiCcyXXlTPCpWOSPvdjn/Falqdi8ivyaR+n l64OSqMkbe8G5v7TcuXhUuZj7bojuJ2cz+QS2v655WFrl6NIKHvfVYhTOEW26o+F bib7zPpIKRczum4UFUgnQihUXYrQhL0Dy+9SuCpK =OWxW -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 4/11/11 4:18 AM, Jan Janka wrote: One reason we use GnuPG for is we think it is significant likeky there's a man in the middle attack or someone has access to email accounts he should not have. Given that, what benefit does one take from knowing my communication partner has access to a certain email account? The biggest benefit is that you can actually email the person. ;-) That's through, but WHY should anybody (even an attacker) place an email address in the ID over wich they have no control? The obvious example is the standard MITM attack. They don't have access to a person's inbox, but they intercept messages before it gets to their ISP's mail server, and re-encrypts it to the 'real' key. They still don't have control over the endpoint, they can't read, modify, or delete existing messages, but they can modify things in transit. Again, I think you can probably start with a different set of base assumptions when signing an associate's key and a stranger's key. And some people have reasons I can't even fathom: johnmudhead:~ grant$ gpg --keyserver pool.sks-keyservers.net --search-keys presid...@whitehouse.gov gpg: searching for presid...@whitehouse.gov from hkp server pool.sks-keyservers.net (1) Barak Obama (I'm the president) ob...@whitehouse.gov 2048 bit RSA key B110EE8F, created: 2010-12-09 (2) Barack Hussein Obama (DOD) presid...@whitehouse.gov 1024 bit DSA key 0B72EB0F, created: 2009-04-27 (3) BUsh the past coming... presid...@whitehouse.gov 1024 bit DSA key 6909AF98, created: 2008-10-27 (4) clinton_lewinsky presid...@whitehouse.gov 1024 bit DSA key AD3EE118, created: 2008-10-27 (5) ElPresi! (the president of the white house...) president@whitehouse.g 2048 bit RSA key 0BCC736D, created: 2008-10-26 (6) bushbushbushbushbush presid...@whitehouse.gov 1024 bit DSA key E3F0063A, created: 2008-02-10 (7) George Bush (I am a fag. I support the NWO.) presid...@whitehouse.gov 512 bit DSA key DE415F3C, created: 2008-01-26 (revoked) (8) abc presid...@whitehouse.gov 1024 bit DSA key CEBBC2C4, created: 2007-10-27 (9) BushBush presid...@whitehouse.gov 1024 bit DSA key 22A6F4D2, created: 2007-10-20 (10)John Kerry presid...@whitehouse.gov 1024 bit DSA key A5978876, created: 2004-09-21 (11)George Walker Bush (DOD) presid...@whitehouse.gov 1024 bit DSA key 0CB5C0BC, created: 2004-09-21 Keys 1-11 of 24 for presid...@whitehouse.gov. Enter number(s), N)ext, or Q)uit If you don't believe or know (to a reasonable degree) that a person has control of his email, then you can't communicate with them securely by email. At best, they never get the message and it's pointless. At worst, some hypothetical exploit by some hypothetical attacker compromises your communications. (Developing this hypothetical attack is left as an exercise to the reader...) Unfortunately I'm not able to develope such an attack, and think there is none of importance. Could you please help me? I personally don't think there is one. -- Grant I am gravely disappointed. Again you have made me unleash my dogs of war. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 11 April 2011 at 6:06:48 PM, in mid:4da33528.4010...@grant-olson.net, Grant Olson wrote: but WHY should anybody (even an attacker) place an email address in the ID over wich they have no control? The obvious example is the standard MITM attack. [...] At worst, some hypothetical exploit by some hypothetical attacker compromises your communications. (Developing this hypothetical attack is left as an exercise to the reader...) Unfortunately I'm not able to develope such an attack, and think there is none of importance. Could you please help me? I personally don't think there is one. You already mentioned the standard MITM attack. Isn't that one? - -- Best regards MFPAmailto:expires2...@ymail.com A bird in the hand makes it awfully hard to blow your nose -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNo4INnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pfxID/jk2 WNaMjt1k9Q+angyzPAOe/ztfc1GoBDg3jSfuBwknluefLDijapiVPKis74I4qohb YZiATyPSKxyio6dVDgVRGL/8izUCFDtjmgh4IBIgjd13UDNcLFbKl/0cOZKTXeOg ZEEr8kOcEA/1/jF+AQPWYZrn/xQWwSPwmX7F9q6e =3U1w -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 4/11/11 6:34 PM, MFPA wrote: Unfortunately I'm not able to develope such an attack, and think there is none of importance. Could you please help me? I personally don't think there is one. You already mentioned the standard MITM attack. Isn't that one? I don't think it counts as the middle if you have access to the email account. If I've got your logon info, and I'm accessing your account that way, it's no longer invisible when I try to quickly delete the original message and throw up a fake replacement. You might see a message hit the inbox, get deleted, and see a similar one pop up from your mail client. And if you reply to the forged message, I can't stop that from going out into the world to trick the other party. -- Grant I am gravely disappointed. Again you have made me unleash my dogs of war. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 11 April 2011 at 11:49:10 PM, in mid:4da38566.4030...@grant-olson.net, Grant Olson wrote: I don't think it counts as the middle if you have access to the email account. If I've got your logon info, and I'm accessing your account that way, it's no longer invisible when I try to quickly delete the original message and throw up a fake replacement. You might see a message hit the inbox, get deleted, and see a similar one pop up from your mail client. And if you reply to the forged message, I can't stop that from going out into the world to trick the other party. That's all fair enough, but I still think the standard MITM attack is an example of some hypothetical exploit by some hypothetical attacker compromises your communications. - -- Best regards MFPAmailto:expires2...@ymail.com Virtual workspace, Virtual Office, Virtual Job -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNo4olnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pyhYD/3vL kalsXTCADxCDP1FPry7PCKgQjbPTMFmEsgj9BSAGbNKaaOnVkt+yUwqWG0yyubNo wT8IrWSYiayt+TG8a8vHackLH+uFTeHzgciFqt1p67reOUfBnWmsXuS1lcXp/D+8 mBreIIZn6Lxb7RCZtXZ/YU3gzx9tmOtgiGWlgxje =h07o -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 04/11/2011 07:09 PM, MFPA wrote: Hi On Monday 11 April 2011 at 11:49:10 PM, in mid:4da38566.4030...@grant-olson.net, Grant Olson wrote: I don't think it counts as the middle if you have access to the email account. If I've got your logon info, and I'm accessing your account that way, it's no longer invisible when I try to quickly delete the original message and throw up a fake replacement. You might see a message hit the inbox, get deleted, and see a similar one pop up from your mail client. And if you reply to the forged message, I can't stop that from going out into the world to trick the other party. That's all fair enough, but I still think the standard MITM attack is an example of some hypothetical exploit by some hypothetical attacker compromises your communications. Yes, of course. I was referring to the scenario somewhere in this thread where a malicious user has illegal access to your email account. For that case, I have a hard time conjuring up a reliable exploit where people are sending you stuff that gets to your inbox with the attacker's key, and you don't notice anything suspicious. -- -Grant Look around! Can you construct some sort of rudimentary lathe? signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/11/2011 06:09 PM, MFPA wrote: That's all fair enough, but I still think the standard MITM attack is an example of some hypothetical exploit by some hypothetical attacker compromises your communications. MITM is not hypothetical and has been used quite a bit with SSL based systems. There are even companies who have entire product lines geared towards LE / Intel org's that perform SSL MITM attacks for intelligence gathering and such. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJNo4vwAAoJEPXCUD/44PWqc40QAIKXhSHTZRVk8dBzO7hwMUrr b89uLITHGzuHK0lP3Y0QJB78mZAaL65HjTIcfqWKkjfaiJige06wb/iwoCQLPlE+ YCqACYwg4ByVQB+YOCFJ2H00aOXFq67rm7WkDoCvvrstVMQLmK3TW0uRFld7cNwu vkPcFj/Sz6HE5Yoo9yFrU2IFAGAKjjHsSrpoNXQzZn+5OdqTrM3zDlzfkNHFw6da zSd/uP+gBjo85e6mgseloI8WVSSDnYmuww5RMiTSfAYcSJCu5t6Pa1nA0bQzk4O2 BWQwjbmvfat0soy5cChyZLONvXV3DfReMWRzrz4rauNoyn7BDZSbsBcL+QC0OwQb 0L3iIGVXhKtQWmQiZXvEPHsto/JKWq6B4TvM6tWXN3H5MTuIe2ecl1VtMPF0x7F6 UQGcD6kAIaYIiL1x0wapQ8xwbVAzbxcwsZpNfjiUcc8YWrrnQLBvzOd95EcsLstH ntx6wBK2Jg9lWZmiSHO7tTPbbvnDXTev+WTBd6xVnDNrBRaAl2zGUOv6aP9lduOv m0t5tkX4OV5IT4aqh4xu6B1MSEIYBb2toJ5Gm8sIPIYi9j7BFiXW6QxTIP+g/C72 jCej+foHl5cKG/F4wjmT75907r7RzUdzaASVW/A5h8a6p7cS3z1YtO3NERrczszN WJYy19kpRZw9VcI8Cijk =knMv -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
But the e-mail access control check *does* protect against the attack scenario where at the time of keysigning, Eve does *not* have access to Bob's inbox. Yes, but the fingerprint check already protects against that, so why do we need another check? Please describe how checking key fingerprints is in any way related to email addresses. You are right, there's actually no direct connection, sorry. I was thinking about a friend who sends me his key via email. Because I don't want to rely on the fact he is the only one who has access to his email account and there might be a man in the middle, too, I do the fingerprint check on the phone. But my ponit is as follows: One reason we use GnuPG for is we think it is significant likeky there's a man in the middle attack or someone has access to email accounts he should not have. Given that, what benefit does one take from knowing my communication partner has access to a certain email account? I'm grateful for answers, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 04/10/2011 02:48 PM, Jan Janka wrote: But my ponit is as follows: One reason we use GnuPG for is we think it is significant likeky there's a man in the middle attack or someone has access to email accounts he should not have. Given that, what benefit does one take from knowing my communication partner has access to a certain email account? I'm grateful for answers, Jan The biggest benefit is that you can actually email the person. ;-) If you don't believe or know (to a reasonable degree) that a person has control of his email, then you can't communicate with them securely by email. At best, they never get the message and it's pointless. At worst, some hypothetical exploit by some hypothetical attacker compromises your communications. (Developing this hypothetical attack is left as an exercise to the reader...) You could use something like pgpboard or a usenet group. You could fedex them a usb stick. You could use a carrier pigeon. In which case, yes, their email address is irrelevant for your purposes. But an overwhelming majority of people are going to prefer email to the alternatives. In the case of your friend, who you've already been communicating with, I don't think sending the signature to his email address performs any additional verification. But that's because you've already established a few conditions of key validity, not because you don't care if he controls an email account or not. You already have good reason to believe that: (1) you know his real world identity, because you know him in the real world. (2) He has control of the communication endpoint (the email address) because you've been emailing him back and forth. When those two conditions are already established, you only need to verify the fingerprint directly to establish there's not a MITM attack. I think the email check is more useful and perhaps even required for something like a key-signing party, where you've never engaged in email communications with this person before. You start off with everything about this person as an unknown. You need to (1) examine a government issued id to verify this persons real-world identity. (2) Get the fingerprint directly to demonstrate that he actually controls the key in question; he's not a MITM. (3) Send the info to the email tests that he actually controls the endpoint he claims to control. -- -Grant Look around! Can you construct some sort of rudimentary lathe? signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 8 April 2011 at 11:58:09 PM, in mid:20110408225809.156...@gmx.net, Jan Janka wrote: But the e-mail access control check *does* protect against the attack scenario where at the time of keysigning, Eve does *not* have access to Bob's inbox. Yes, but the fingerprint check already protects against that, so why do we need another check? Please describe how checking key fingerprints is in any way related to email addresses. My understanding is that there is a three-point check:- 1. checking the fingerprint to ensure you have the correct key. 2. checking identity documents to ensure it is the correct person. 3. sending an encrypted message to ensure somebody controlling that key can receive emails at that address. 1. John tells me j...@hot.com. 2. I believe him he has access to j...@hot.com (see former email). 3. I find keys on the server by looking for j...@hot.com. 4. I choose John Smith j...@hot.com, because I know his name. 5. I make a fingerprint check on the phone (I know his voice). 6. I sign the key. 7. I upload the signed key to the keyserver. Number 7 is a very rude thing to do. Much better to email the signed key to John Smith and let him decide whether or not to publish it with your signature on it. Better still to encrypt that message to the key you have just signed, so that only a person in control of that key has access to the copy bearing your signature. Then delete the exportable signature from your own copy of that key and replace it with a local signature, so that you don't accidentally send it to a server bearing your signature, potentially against John Smith's wishes. - -- Best regards MFPAmailto:expires2...@ymail.com ETHERNET(n): device used to catch the Ether bunny -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJNoFCXnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pHKcD/1YF V03ZULqlhHjfsLjOTQ6IaU0ONCXaQZYMWDAcpatNLLj3WU5YPE6wgQwaEDgwhT6h f+RnLgeNOE70v1uFy+hJ/iXvIOI4PD9Y7u9QajBWUbRPSPJ0krrUbgR8Yk5mOf45 9DmGJ0Oe2sUc5K0g4NyvDkV4hjbHaL+9ff/5wPWE =kALw -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 4/9/11 8:26 AM, MFPA wrote: My understanding is that there is a three-point check:- As a minor nit -- the protocol you've outlined is a good one, is commonly used, and is highly recommended -- but it is not the only one, and special use cases may involve their own different protocol. There is more than one way to skin this cat. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Re: Signing a key (meaning)
Hi! Am -10.01.-28163 20:59, schrieb takethe...@gmx.de: I wonder how I can check whether the email address in the ID realy belongs to the keyowner. You can only check whether the key owner has access to the email address. You cannot check whether this access is in any way exclusive, legit or whatever. But the same is true for all other things one can check before a signature: - The signee has access to the private key (since the UID he wants you to certify is signed by it). - The signee has access to documents/evidence proving that the name in the UID is his. cu, Sven ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
Sounds like some people could use a signature type which means: I disclaim all signatures made by key. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpp2yNFuADwp.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
I wonder how I can check whether the email address in the ID realy belongs to the keyowner. You can only check whether the key owner has access to the email address. You cannot check whether this access is in any way exclusive, legit or whatever. I think so, but WHAT benefit (concerning the identity) do you have from knowing that the person who owns the private key *has access* to the email address mentioned in that key ID? Remember that we do the whole fingerprint checking, because we believe it might very well be there's a man in the middle or that an attacker has access to the email address. I think there's no benefit, because everybody who issueses a key (even an attacker) wants to receive information encrypted with that key, - otherwise he wouldn't issue it. Thus he will place an email address in the ID he has access to. So I think we can take this for granted. The reason why the email address is in the user ID is for convenience (so everybody knows where to send emails) and makes sure keys can be easily found on the keyserver. Apart from that it enables user to distinguished between keys of persons with the same name. Thanks for answers, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 04/08/2011 06:02 PM, Jan Janka wrote: I think there's no benefit, because everybody who issueses a key (even an attacker) wants to receive information encrypted with that key, - otherwise he wouldn't issue it. Thus he will place an email address in the ID he has access to. So I think we can take this for granted. But if an attacker puts his e-mail address on a key he claims to be mine, he won't get my mail sent to (or encrypted to) him. Many people already know Bob's e-mail address; if they're sending mail do b...@example.net, they're not going to encrypt that mail to a key that has Bob e...@example.com as the only User ID. OTOH, if Eve suspects she might at some point get access to a message that was sent to Bob, it's in her interest to put *Bob's* e-mail address on a key and try to get people to accept it as Bob's (rather than putting her own address on it). You're right that if Eve *already* has access to Bob's inbox, then the e-mail access check won't be a terribly useful test (though as soon as people start encrypting mail to Eve's key and mailing it to Bob, Bob ought to notice). But the e-mail access control check *does* protect against the attack scenario where at the time of keysigning, Eve does *not* have access to Bob's inbox. It protects the contents of the inbox (because people send messages encrypted to the correct key) when some of Bob's mail accidentally leaks to Eve later. The reason why the email address is in the user ID is for convenience (so everybody knows where to send emails) and makes sure keys can be easily found on the keyserver. Apart from that it enables user to distinguished between keys of persons with the same name. This is pretty critical in some contexts. E-mail is a (mostly) unique, global identifier. John Smith is not. --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
But if an attacker puts his e-mail address on a key he claims to be mine, he won't get my mail sent to (or encrypted to) him. If someone somehow gets that key, reads your name in the ID and relies on that name he might sent mail intented for you to the attacker's email address, that might even pretty much look like yours email address. But the e-mail access control check *does* protect against the attack scenario where at the time of keysigning, Eve does *not* have access to Bob's inbox. Yes, but the fingerprint check already protects against that, so why do we need another check? The reason why the email address is in the user ID is for convenience (so everybody knows where to send emails) and makes sure keys can be easily found on the keyserver. Apart from that it enables user to distinguished between keys of persons with the same name. This is pretty critical in some contexts. E-mail is a (mostly) unique, global identifier. John Smith is not. What do you mean with critical? John Smith j...@hot.com is quite global and quite unique, although I don't check the email address before signing. 1. John tells me j...@hot.com. 2. I believe him he has access to j...@hot.com (see former email). 3. I find keys on the server by looking for j...@hot.com. 4. I choose John Smith j...@hot.com, because I know his name. 5. I make a fingerprint check on the phone (I know his voice). 6. I sign the key. 7. I upload the signed key to the keyserver. If there is a clever attacker he might issue a key with the very same ID. People then looking for John's key will be presented the following list: John Smith j...@hot.com (signed by me) John Smith j...@hot.com If they don't know me they can simply do their own fingerprintcheck with John, otherwise they will take the signed key. Thanks for your answers, I know I'm asking unorthodox questions, but I pretty much feel I'm right and the conventional procedure is partly unnecessary and thus hard to understand and difficult to use. Best regards, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Signing a key (meaning)
Hi everybody out there, I put some thoughts on the meaning of signing a key and came to an unusual definition. Maybe someone likes to discuss it with me, since I'm not quite sure whether I should recommend others to interpret signing that way. Definition: Signing a key means saying: I confirm the full name in the key's ID is the keyowner's right name. The email address in the ID is the one the keyowner put there, but I cannot guarantee it's his/hers. Here are the reasons why I think this definition is handy: 1. Assumption: Only the keyowner possesses the private key. 2. Assumption: The person I do the fingerprint-check with wants to receive a message from me. 1. Assumption and 2. Assumption = 1. Conclusion: The person I do the fingerprint-check with sends me her/his own public key. 1. Assumption and 2. Assumption = 2. Conclusion: The person I do the fingerprint-check put an email address in the public key's ID to which she/he has access. (we know that without taking a look at the email address AT ALL.) 3. Conclusion: If signing a key has the meaning as stated above, no information will be revealed to persons, who were not intented as recipient. 3. Conclusion is true, because there are only to possible cases: 1. Case: The person I do the fingerprint-check with puts his/her RIGHT email address in the key's ID. I don't check the email address, but the Name in the ID and sign the key. -- No problems. 2. Case; The person I do the fingerprint-check with (let's call him Peter Hansen) doesn't put his, but Anna's email address (a...@web.com) in the key's ID, because he managed to get access to it (attack). I don't check the email address, but the Name in the ID and sign the key. The ID is now: Peter Hansen a...@web.com. Let's say Marie somehow get's this signed key. There are again two cases: 2.1 Case: Marie wants to send Anna a message. Although she recognizes Anna's email address and my signature, she will not use the key, because there's Peter Hansen written in the ID. -- No problem. 2.2 Case Marie wants to send Peter Hansen an encrypted email. Then she will use the key and send it to a...@web.de and Peter will even receive it, since he has access. -- No real problem. 2.2 Remark: If Peter just made a mistake when typing the email address, he will not be able to access the message. But that's his own fault, not mine. I'm grateful for answers. Take care, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On Thu, Apr 07, 2011 at 10:31:24AM +0200, takethe...@gmx.de wrote: Definition: Signing a key means saying: I confirm the full name in the key's ID is the keyowner's right name. The email address in the ID is the one the keyowner put there, but I cannot guarantee it's his/hers. Yes you can, and that's the whole point. You need to verify that the key they claim is theirs, is actually indeed their key. The person I do the fingerprint-check with (let's call him Peter Hansen) doesn't put his, but Anna's email address (a...@web.com) in the key's ID, because he managed to get access to it (attack). I don't check the email address, but the Name in the ID and sign the key. The ID is now: Peter Hansen a...@web.com. Let's say Marie somehow get's this signed key. There are again two cases: When verifying that the key belongs to the owner, you should be establishing identity. This means if you don't know the person, you should verify the name, fingerprint in the key, and verify some sort of identification from the owner. So, if Peter Hansen stole Anna's key, it should be obvious that the name in the key doesn't match the name on the presented identification. Further, if Anna setup her key, then her name and email are in the public key. Signing the key doesn't automatically change her name to Peter Hansen, just because Peter has the key, so I'm not exactly sure what you're saying here. Marie wants to send Anna a message. Although she recognizes Anna's email address and my signature, she will not use the key, because there's Peter Hansen written in the ID. No, she won't, which is where I'm confused. Marie will see Anna's name in the key, not Peter's. Further, the encrypted message will go to Anna's email account, not Peter's. And, even if Peter did some how intercept the encrypted message, if he doesn't have Anna's private key, what good is it? Marie wants to send Peter Hansen an encrypted email. Then she will use the key and send it to a...@web.de and Peter will even receive it, since he has access. What? How? By sniffing the packets sent between MTAs? If Peter has access to Anna's mail, then fine. But if he doesn't, his only way to the mail in transit is to sniff packets or break into Marie's account. The point of key signing is to build a decentralized web of trust. For every signature you apply to a public key, you are indeed saying that you have done careful checking to ensure that the key does in fact belong to the owner it claims. The more the signatures on the key, the stronger this statement becomes. Sure, you can't be 110% sure that the owner didn't steal a laptop, create fake credentials, and steal the identity of the key owner, collecting signatures. However, the key owner should have been smart enough, that when he/she generated the key, that they also generated, and printed, the revocation certificate, so should his laptop get stolen, he can revoke the key, publish it to the servers, and start over. And you're a good citizen, because you refresh your public keyring from the keyservers regularly, and would have caught the revocation before signing the key. 100% sure? Probably not. 98% sure? Most likely. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On Thu, Apr 07, 2011 at 10:31:24AM +0200 Also sprach takethe...@gmx.de: Hi everybody out there, I put some thoughts on the meaning of signing a key and came to an unusual definition. Maybe someone likes to discuss it with me, since I'm not quite sure whether I should recommend others to interpret signing that way. Definition: Signing a key means saying: I confirm the full name in the key's ID is the keyowner's right name. The email address in the ID is the one the keyowner put there, but I cannot guarantee it's his/hers. I think you will have a hard time getting a consensus on what exactly key signing means. To everyone, due diligence means something a little different. E.G. for my purposes, it is generally sufficient that I know the person who's key I sign is the one with whom I wish to communicate. It makes no difference to me what name they go by, provided it is the one I know them by. That is to say, if my friend, Robby Parkfield, whom I have known for ten years, has actually been using an alias all that time, I don't particularly care. It is enough _for my purposes_ that I know him as Robby Parkfield, and that he is in control of the key I sign. What other, arbitrary collection of symbols some government has assigned to the entity I know by an alternative, arbitrary collection of symbols, Robby Parkfield, is of no importance to me. But this also presupposes that I don't especially care who else uses my signature, or for what purposes, outside my particular circle of friends and associates (my local web of trust), all of whom presumably know the entity in question as Robby Parkfield. Here are the reasons why I think this definition is handy: 1. Assumption: Only the keyowner possesses the private key. Why make that assumption? And even if the key is in the sole possession of the keyowner at the time you sign it, does your signature guarantee that the signed key will never be compromised at any time in the future? If not, then I don't see how the assumption is valid. 2. Assumption: The person I do the fingerprint-check with wants to receive a message from me. What if you have little intention of corresponding directly with said person? Might exchanging signed keys with him/her nevertheless be of value in fortifying a web of trust? 1. Assumption and 2. Assumption = 1. Conclusion: The person I do the fingerprint-check with sends me her/his own public key. 1. Assumption and 2. Assumption = 2. Conclusion: The person I do the fingerprint-check put an email address in the public key's ID to which she/he has access. (we know that without taking a look at the email address AT ALL.) I do not follow your reasoning here. How do we know that the keyholder has access to the email address in the key without looking at it at all (does sending email to the address in question qualify as looking at it)? 3. Conclusion: If signing a key has the meaning as stated above, no information will be revealed to persons, who were not intented as recipient. As recipient of what? The signed key? An encrypted message? As has been discussed previously on this list, among other places, even the act of signing a key can reveal _some_ information. If nothing else, it establishes that you have some kind of relationship with the owner of the key you signed. It may establish that you an he/she were in a specific place at a specific time (e.g. a keysigning party), etc. The words no information must be used with great care, because information leaks out of every pore in even the best crypto-systems. Whether that information is valuable or useful in some way, to a third party, is another matter. 3. Conclusion is true, because there are only to possible cases: 1. Case: The person I do the fingerprint-check with puts his/her RIGHT email address in the key's ID. I don't check the email address, but the Name in the ID and sign the key. -- No problems. I'm not sure one can smuggly declare that there are no problems with signing a key without doing any verification of the email address(es) contained therein. The email addresses are a substantial part of the User ID, and if you fail to verify them AT ALL, should you really be signing the key? This brings us back to my first paragraph: key signing can mean different things to different people. Perhaps it is enough for _your purposes_ to ignore the validity of the email addresses, just as I don't particularly care about government issued forms of ID. However, it is important to consider whether anyone else may someday view your signature on the key, and what they might reasonably infer from it. 2. Case; The person I do the fingerprint-check with (let's call him Peter Hansen) doesn't put his, but Anna's email address (a...@web.com) in the key's ID, because he managed to get access to it (attack). I don't check the email address, but the Name in the ID and sign the key. The ID is now: Peter Hansen a...@web.com. Let's say Marie somehow get's this signed key
Re: Signing a key (meaning)
Kevin wrote the following on 4/7/11 9:49 AM: If nothing else, it establishes that you have some kind of relationship with the owner of the key you signed. It may establish that you an he/she were in a specific place at a specific time (e.g. a keysigning party), etc. The words no information must be used with great care, because information leaks out of every pore in even the best crypto-systems. Whether that information is valuable or useful in some way, to a third party, is another matter. In another forum, one of the members signed my public key and uploaded it to the keyservers with his/her signature, without asking nor notifying me (the key was already on the key servers, but without this added signature) I didn't invite this person to sign my key. I don't know this person, never met her/him, never had any contact except the fact that we both participate in the same forum, together with other members. I decided against asking this person to revoke the signature. I generated a new key pair (that I don't intend to upload to any key server, but instead I shall send it directly to people whom I correspond with), and I shall gradually phase-out the previous key, until I finally revoke it. Yes, I know. Paranoia. Charly ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
On 04/07/2011 12:06 PM, Charly Avital wrote: In another forum, one of the members signed my public key and uploaded it to the keyservers with his/her signature, without asking nor notifying me (the key was already on the key servers, but without this added signature) I didn't invite this person to sign my key. I don't know this person, never met her/him, never had any contact except the fact that we both participate in the same forum, together with other members. I'd say you've learned something about the reliability of this other person's OpenPGP certifications. If you were to publicly identify them (in a forum where they have a chance to respond, to be polite), I think you'd be doing a favor to everyone who might have otherwise considered relying on these certifications. I decided against asking this person to revoke the signature. I can understand this. It seems like a losing game, especially since you can't control whether they decide to revoke or not. Besides, it's not your fault or your problem if they made an unverified certification. I generated a new key pair (that I don't intend to upload to any key server, but instead I shall send it directly to people whom I correspond with), and I shall gradually phase-out the previous key, until I finally revoke it. I don't understand this. What are you trying to protect yourself from? Will you phase out this new key when one of your correspondents uploads it to the public keyservers? How do you plan to distribute updates or revocations to your correspondents? Yes, I know. Paranoia. I have no problem with forms of paranoia that helps keep people's communication safe. I do have a problem with paranoia that makes communications more problematic and does nothing to make things more safe or reliable. Why advocate the latter? --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
Thanks everybody for all the answers. The reason I asked this quetion is that I wonder how I can check whether the email address in the ID realy belongs to the keyowner. Let's say I've been knowing Peter Hansen for quite some time, but I don't know his email address. Now he tells me it's funny1...@hot.com and sends me his public key with the ID Peter Hansen funny1...@hot.com. I'd like to sign that key after having made a fingerprint check with him on the phone. How can I make sure it's not someone elses address he illegaly has access to? The only possible answer is to wait a year or something and have email contact with him and see whether nothing suspicious happens. If nothing suspicious happens, I'd believe it's really his address. But I don't want to wait a year with signing and why is it of importance to check whether it's really his address at all? If the address belongs to Anna, and Marie sends an encrypted messages to funny1...@hot.com intented only for Peter to read, Anna will not be able to read the message. If Marie intends to send a message to Anna, she will not use the key, because it's Peter Hansen written in the ID. She will just ignore my signature. In one of the relpies I got, Kevin said there might be a problem: Marie wants to send Anna a message. Marie uses an email program, with GnuPG integration, which automatically selects an encryption key based on the email address entered into a composed message. Because you have signed the key which has User ID Peter Hansen a...@web.com, and depending on Marie's trust settings, the message may be encrypted and sent to that email address, with no further alerts. Peter reads the message intended for Anna. In the hypothetical case I present, it is perhaps Marie's fault for not being more diligent in examining the keys she uses, but I think it is plausible that a normal user might rely on software to automate a task like that, without paying close attention to what's really going on. In reality, Marie needs to download Anna's key from a server, if she really wants to send encrypted messages to Anna. Let's say she searches for funny1...@hot.com. Then the following list appears: ID: Anna Hoffman funny1...@hot.com ID: Peter Hansen funny1...@hot.com (signed by me). If she is aware of security issues, she'll only download Anna Hoffman funny1...@hot.com, so there will be no problems. I wonder what happens, if she has both keys on her computer. I bet the standard software described above will ask her which key to use. What do you think? Finally I don't see a practial way to really check the email address, so I think it's best if we are honest and say Marie is responsible for checking the name in the users ID before she uses/downloads it and the keyowner is responsible for putting an email address in the ID he has access to. What do you think? Take care, Jan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
How to verify the e-mail address when certifying OpenPGP User IDs [was: Re: Signing a key (meaning)]
On 04/07/2011 07:33 PM, takethe...@gmx.de wrote: The reason I asked this quetion is that I wonder how I can check whether the email address in the ID realy belongs to the keyowner. The standard way i've seen e-mail address verification done is with caff (certificate authority fire and forget) from the signing-party package in debian. caff works like this: 0) during an in-person meeting, you verify the person's identity (often by checking official ID) and get their claimed fingerprint. You note this down in some way that you can unimpeachably retrieve it (e.g. on a slip of paper, in your own handwriting, and that does not leave your physical possession). 1) afterward, when you have some time, you take your piece of paper, and for each fingerprint, run caff $FINGERPRINT. caff presents you with the person's name and claimed e-mail address. You verify the name, and that the e-mail address seems at least plausible. 2) if you've said it seems ok, caff then makes an OpenPGP certification on your behalf, creates an introductory e-mail message explaining what this is, attaches the certification, encrypts the e-mail message to the keyholder, and sends the e-mail. The certification stays in a special caff-specific keyring (not your own everyday keyring). If the keyholder actually does control the e-mail address in question, they'll receive the message, decrypt it, and then be able to add your certification to their own key. Then, if they choose, they can upload your certification to the public keyserver (so you and everyone else can see it) or they can mail it back to you (if they only want to complete the handshake for you in particular, but want to keep the association otherwise temporarily private). Make sense? --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to verify the e-mail address when certifying OpenPGP User IDs [was: Re: Signing a key (meaning)]
Hi Daniel, thanks for the answer, but it seems to me with this procedure you only checkwhetherthe person has access to the email address, you don't check whether this access is illegal, don't you? Tace care, Jan Original-Nachricht Datum: Thu, 07 Apr 2011 19:49:50 -0400 Von: Daniel Kahn Gillmor d...@fifthhorseman.net An: takethe...@gmx.de CC: GnuPG Users gnupg-users@gnupg.org Betreff: How to verify the e-mail address when certifying OpenPGP User IDs [was: Re: Signing a key (meaning)] On 04/07/2011 07:33 PM, takethe...@gmx.de wrote: The reason I asked this quetion is that I wonder how I can check whether the email address in the ID realy belongs to the keyowner. The standard way i've seen e-mail address verification done is with caff (certificate authority fire and forget) from the signing-party package in debian. caff works like this: 0) during an in-person meeting, you verify the person's identity (often by checking official ID) and get their claimed fingerprint. You note this down in some way that you can unimpeachably retrieve it (e.g. on a slip of paper, in your own handwriting, and that does not leave your physical possession). 1) afterward, when you have some time, you take your piece of paper, and for each fingerprint, run caff $FINGERPRINT. caff presents you with the person's name and claimed e-mail address. You verify the name, and that the e-mail address seems at least plausible. 2) if you've said it seems ok, caff then makes an OpenPGP certification on your behalf, creates an introductory e-mail message explaining what this is, attaches the certification, encrypts the e-mail message to the keyholder, and sends the e-mail. The certification stays in a special caff-specific keyring (not your own everyday keyring). If the keyholder actually does control the e-mail address in question, they'll receive the message, decrypt it, and then be able to add your certification to their own key. Then, if they choose, they can upload your certification to the public keyserver (so you and everyone else can see it) or they can mail it back to you (if they only want to complete the handshake for you in particular, but want to keep the association otherwise temporarily private). Make sense? --dkg ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 07-04-2011 13:06, Charly Avital escribió: ... In another forum, one of the members signed my public key and uploaded it to the keyservers with his/her signature, without asking nor notifying me (the key was already on the key servers, but without this added signature) Oh, well, encryption faeries soon or latter will upload your keys to keyservers. And you can't prevent people from signing it, specially the newbies reading support lists. I didn't invite this person to sign my key. Yes, but the default setting of GnuPG is not encrypt to untrusted keys, so the first thing a newbie might do is to sign the keys of people providing support in the list. After all, trust all doesn't sound any good. I don't know this person, never met her/him, never had any contact except the fact that we both participate in the same forum, together with other members. And it might be a good reason to issue a local signature, after all, after reading some messages, we might want to mark your key as a key belonging to somebody that provides advices we can trust. But local signatures is something we don't learn on the first day. I decided against asking this person to revoke the signature. Yes, that would add more noise to your key. People could interpret it as a signal of distrust, instead a neutral signal. I generated a new key pair (that I don't intend to upload to any key server, but instead I shall send it directly to people whom I correspond with), and I shall gradually phase-out the previous key, until I finally revoke it. As long as you write in support lists, I think that key would be useful to you. And don't forget PGP faeries, your new key might be uploaded, if one day one of your correspondents drink decaffeinated coffee by mistake. Maybe we should have a daily use key for mailing lists, signatures on nicknames and so, and another for business. Best Regards -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNnlcCAAoJEMV4f6PvczxAUd0H/0uWJfoKLtjUjzr6GktEcyZd 4n4o7LXVqwpLPI9lSkpxzZnXItHhFG75DzgBK+j0rs03VSdJeKAk90l3aY0Y+aHE iHx4dyAFsxRyDxc0kTwE5+1dVI4GxeEZPAF6i5M61XR5CiZNpc78z0XM8aRNSewK AophLkTeQ9pjsUJ+BfFfF1zV/3mluBMfbdTdsz1J4Y1qaUOUMW8G6g32WPJENFx+ XC88WApSxo1UwZ9vC7NeGyNqvoiPYQls0q6CRH4h99uq4NbCLrf6JtzZ97VbxtP3 uanQV2d7dIPkEjNuP/aCPfXDxAW+KEiwO+GbQSK+dAEqi6w24cCBtc8c2la+0hE= =ROAc -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to verify the e-mail address when certifying OpenPGP User IDs [was: Re: Signing a key (meaning)]
On 04/07/2011 08:05 PM, Jan Janka wrote: thanks for the answer, but it seems to me with this procedure you only checkwhetherthe person has access to the email address, you don't check whether this access is illegal, don't you? I have made no claims anywhere about legality or illegality (i also haven't specified legal jurisdiction, for that matter). Do you mean should legitimately have access, or something like that? The verification test caff proposes is Does the keyholder have the ability to read mail sent to the address in the User ID?. This is pretty close to what i want to know, actually. It does not try to test things like does the e-mail address in question use a good passphrase for access or is it hosted on a reliable mail host or are all steps of SMTP delivery STARTTLS-capable using X.509 certificates with sensible trust anchors or is legally-entitled to under US law. These other tests are all rather subjective, potentially impossible to automate, and of dubious usefulness anyway. So i'm pretty happy with the caff methodology, though i'd be open to hearing other concrete proposals that answer relatively clear-cut questions. I do have some problems with the caff user interface, but that's another story :/ Regards, --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to verify the e-mail address when certifying OpenPGP User IDs [was: Re: Signing a key (meaning)]
On 4/7/11 8:05 PM, Jan Janka wrote: Hi Daniel, thanks for the answer, but it seems to me with this procedure you only checkwhetherthe person has access to the email address, you don't check whether this access is illegal, don't you? Tace care, Jan Well, yes, but then you have to ask how OpenPGP protects against someone using a forged passport. Or more outlandishly, getting plastic surgery and using another person's real ID. At some point, technology can't solve the problem of authentication. In the case you proposed, you need to evaluate how much you trust Peter Hanssen in real life. If you've known him for years, it's unlikely he's just been waiting all this time to trick you into signing a key as part of some elaborate scam. Then again, if you've known him for years because you've been buying his counterfeit jeans, or he offered you $5000 dollars to buy your newborn baby, maybe you don't trust him and you don't sign the key. In the case of something like a key-signing party, (as Daniel described) you're really only confirming that (1) you've validated that they have something that you believe to be a valid government id, (2) You've validated their key's fingerprint in person, and (3) you've validated that they somehow control the attached email address. It is possible to assign different levels to your signature, so that you can distinguish between people you met at a software conference, and that guy who was your cellmate in that Turkish prison for 12 years. It's also possible to provide a link to an URL with your keysigning policy, where you can explicitly spell out the meaning of each level of certification to you. Keep in mind that the web-of-trust isn't the mafia. If you 'vouch' for someone and they turn out to be a rat, nobody's going to two bullets in your chest, and one in your head. Mistakes happen. You can always revoke your signature if you start to doubt the key's validity. You haven't made a mistake that will haunt you for the rest of your life. And if you're still worried about elaborate and obscure attack scenarios, then maybe the web-of-trust just isn't for you. This is perfectly fine. Just sign your real-life contact's keys with a local sig, which won't get exported to the keyservers. -- Grant I am gravely disappointed. Again you have made me unleash my dogs of war. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing a key (meaning)
Faramir wrote the following on 4/7/11 8:29 PM: Oh, well, encryption faeries soon or latter will upload your keys to keyservers. And you can't prevent people from signing it, specially the newbies reading support lists. I can't prevent it, but I may naively expect people to respect conventions. And as you write further in your remarks, there is such a thing as a local (non-exportable) signature. I didn't invite this person to sign my key. Yes, but the default setting of GnuPG is not encrypt to untrusted keys, so the first thing a newbie might do is to sign the keys of people providing support in the list. After all, trust all doesn't sound any good. Trust all keys is expedient and not good. Again: local signature. But local signatures is something we don't learn on the first day. Eventually, one learns. your new key might be uploaded, if one day one of your correspondents drink decaffeinated coffee by mistake. One must accept to live dangerously :-) Thank you for remarks. Charly ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users