
Mailing List Archive: GnuPG: users

Protecting IDs at a key signing party

 

 



hankivy at hot

Dec 8, 2010, 12:20 PM

Post #1 of 13 (892 views)
Protecting IDs at a key signing party

I moved to a small town in a new state for personal reasons. For work I telecommuted as an
independent consultant. A computer user group I joined recently is going to be holding a key
signing party. NOBODY has met me more than three times, once a month.

Should I take more than two government issued IDs?

If the answer is to take more IDs, how should I organize, and protect them?

I could also bring a birth certificate, high school yearbook, URL to a college yearbook, US Army
BCT yearbook, a photo of my US Army BCT platoon (signed on the back by 80% of the platoon),
several college student IDs, four or five business cards from employment at two major computer
manufacturers, three expired passports, URL to Linkedin, and an URL to Facebook. All of it
would seem like overkill.

What should I take? How should I organize, and protect the IDs?

--
Hank Ivy

GPG Fingerprint:
1A0F E1CB 0160 0069 7C19 4B00 911C 92E8 F8B0 4C7C

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jh at jameshoward

Dec 8, 2010, 1:29 PM

Post #2 of 13 (862 views)
Re: Protecting IDs at a key signing party

On Wed, Dec 8, 2010 at 15:20, Hank Ivy <hankivy [at] hot> wrote:
> What should I take?  How should I organize, and protect the IDs?

Take two. A driver's license and a passport would be best, though one
probably authenticated you for the other. To protect them, put them
in your wallet or pocket.

James



rjh at sixdemonbag

Dec 8, 2010, 1:54 PM

Post #3 of 13 (865 views)
Re: Protecting IDs at a key signing party

On 12/8/10 3:20 PM, Hank Ivy wrote:
> What should I take? How should I organize, and protect the IDs?

For me, I bring a passport and a driver's license. If anyone tells me
"that's not enough for me!", well, okay: it's not enough for them.
There are plenty of other people at the keysigning party, and I might
not want to have a signature from someone quite that paranoid and
tinfoil-hatted, anyway. :)

The best way to protect the ID is to not let it out of your sight. If
someone wants to hold onto your ID to inspect it, let them: but don't
let them walk away with it. Sounds stupid, but it works.

Honestly, the biggest ID risk at a keysigning party is people
accidentally walking away with each others' drivers' licenses.



dshaw at jabberwocky

Dec 8, 2010, 2:12 PM

Post #4 of 13 (860 views)
Re: Protecting IDs at a key signing party

On Dec 8, 2010, at 3:20 PM, Hank Ivy wrote:

> I moved to a small town in a new state for personal reasons. For work I telecommuted as an
> independent consultant. A computer user group I joined recently is going to be holding a key
> signing party. NOBODY has met me more than three times, once a month.
>
> Should I take more than two government issued IDs?
>
> If the answer is to take more IDs, how should I organize, and protect them?
>
> I could also bring a birth certificate, high school yearbook, URL to a college yearbook, US Army
> BCT yearbook, a photo of my US Army BCT platoon (signed on the back by 80% of the platoon),
> several college student IDs, four or five business cards from employment at two major computer
> manufacturers, three expired passports, URL to Linkedin, and an URL to Facebook. All of it
> would seem like overkill.
>
> What should I take? How should I organize, and protect the IDs?

There isn't a simple answer here, since people who sign keys can each decide what they want before signing. Personally, I'll sign with two government issued IDs, and wouldn't bother to bring more than that to a party.

David




mailinglisten at hauke-laging

Dec 8, 2010, 2:35 PM

Post #5 of 13 (861 views)
Re: Protecting IDs at a key signing party

On Wednesday 08 December 2010 22:54:02, Robert J. Hansen wrote:

> For me, I bring a passport and a driver's license. If anyone tells me
> "that's not enough for me!", well, okay: it's not enough for them.

That should not be a question of personal attitude but of the signing policy
for the respective key. As there are different scenarios in real life there
should be different keys or at least signing descriptions available for
everyone.

As reading prose policies does not scale well I would like to have a standard
for that. I have mentioned that on this list before.

The very simple certification level scheme could be extended by e.g.
standardized notations. There is an IETF reserved notation namespace but there
aren't any IETF notations yet. I suggest a standard for at least these pieces
of information:

- key owner has been personally known for x years
- frequent contact with the key owner for x years
- x family members of the key owner have been personally known for y years
- identity has been checked by looking at document of type x
- identity has been checked by electronic means (of type x)
- email address has been checked
- key is on a smartcard
- key has been created on a smartcard with no backup
- key has been created on a smartcard with a secure offline backup only
- main key has been created in a secure environment
- key is intended for usage in an unsecure environment (e.g. Webmail)
- key is intended for usage in a secure environment only
- other keys of this key owner: ... (for better trust calculations)
- key is (not) intended for signing (small / high amount) treaties

The result would be a machine readable signature policy. And you could certify
any key. GnuPG could be configured how to translate this detailed data into
the current three levels of checking effort.

Today you have signature policies for some keys. But what are they worth?
Imagine you have a rather insecure key for spam (filter) protection and the
like. This key gets compromised. The attacker can easily write a signing
policy which claims this key to be a high security smartcard key and sign it.
Worth nothing. Trustworthy signature policies have to be signed by the people
who sign the key itself, too. This would be achieved if you had a kind of
signature policy within the signature notations.

The document types should contain both general entries and national
extensions.

This way an important feature could be added: Signing subkeys. The
impossibility to do this makes GnuPG incompatible with at least the German law
for digital signatures (unless the CA would destroy the secret main key and
give only the subkeys to the customer which is not the idea of GnuPG I think).
The subkeys would not be signed directly but their fingerprints would become
signature notations.

A bit off-topic. Sorry. :-) But I really hope there are a few people out
there who see the same need...


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814


wk at gnupg

Dec 9, 2010, 8:52 AM

Post #6 of 13 (854 views)
Re: Protecting IDs at a key signing party

On Wed, 8 Dec 2010 23:35, mailinglisten [at] hauke-laging said:

> aren't any IETF notations yet. I suggest a standard for at least these pieces
> of information:
>
> - key owner has been personally known for x years
> - frequent contact with the key owner for x years
[many more]

It is very unlikely that OpenPGP will ever adopt such standards. There
is an unspoken policy that we don't define policies but merely provide a
framework so others can implement something on top of it. If we would
start to adopt any such policies we would soon end up in the X.509 mud.
The signature classes 0x10 to 0x13 are for a reason not very strictly
defined.


Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.




benchoff at bev

Jan 18, 2012, 5:38 PM

Post #7 of 13 (602 views)
Re: Protecting IDs at a key signing party

On Thu, Dec 09, 2010 at 05:52:42PM +0100, Werner Koch wrote:
> On Wed, 8 Dec 2010 23:35, mailinglisten [at] hauke-laging said:
>
> > aren't any IETF notations yet. I suggest a standard for at least these pieces
> > of information:
> >
> > - key owner has been personally known for x years
> > - frequent contact with the key owner for x years
> [many more]
>
> It is very unlikely that OpenPGP will ever adopt such standards. There
> is an unspoken policy that we don't define policies but merely provide a
> framework so others can implement something on top of it. If we would
> start to adopt any such policies we would soon end up in the X.509 mud.
> The signature classes 0x10 to 0x13 are for a reason not very strictly
> defined.
>
>
> Shalom-Salam,
>
> Werner

There is a way for you to put your own signing policy URL in the signature.
If you want something more formal, you could join a particular web of trust
with a well-defined policy, e.g. Gossamer Spider Web of Trust
http://www.gswot.org/. (I don't know much about them.) Your specific
items might provide a good start for a standard to document these policies.
I think it is particularly important to keep these policies de-coupled
from the OpenPGP standard though.

I think a lot about what signature classes are appropriate for what situations
and similar pedantry, but the current state of practice needs help at a
more fundamental level. I just attended my first key-signing party. The
participants likely have an above-average technical skill set. Of the 16
signatures I've received so far, all are at the default level. Five
signers delivered my signed keys in encrypted form to the individual UIDs.
The rest just uploaded them to a keyserver. I can't be critical of anyone
who did that. It seems to be the most common practice.

We are very lucky to have an open standard (OpenPGP) and a free/open-source
implementation (GnuPG) to work with. The really hard problems are trying
to get people to use them correctly.

Phil
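
Added example, not part of the post above and not GnuPG's own code: a way to audit what a key-signing party actually put on a key, by reading the signature class field (0x10 to 0x13, suffix `x` for exportable or `l` for local) from `gpg --with-colons --check-sigs` output. The sample listing, key IDs and function names are constructed for illustration.

```python
from collections import Counter

# OpenPGP certification classes 0x10-0x13 (the "signature classes" in this thread).
# GnuPG's default certification level (0) produces class 0x10.
LEVELS = {0x10: "generic", 0x11: "persona", 0x12: "casual", 0x13: "positive"}

# Constructed sample in the shape of `gpg --with-colons --check-sigs KEYID`;
# key IDs, names and timestamps are made up.
SAMPLE = """\
pub:u:2048:1:AAAAAAAAAAAAAAAA:1290000000:::u:::scESC:
uid:u::::1290000000::0000000000000000000000000000000000000001::Alice Example <alice@example.org>:
sig:!::1:AAAAAAAAAAAAAAAA:1290000000::::Alice Example <alice@example.org>:13x:
sig:!::1:BBBBBBBBBBBBBBBB:1326900000::::Bob Example <bob@example.org>:10x:
sig:!::1:CCCCCCCCCCCCCCCC:1326900100::::Carol Example <carol@example.org>:13x:
sig:!::1:DDDDDDDDDDDDDDDD:1326900200::::Dave Example <dave@example.org>:10l:
sig:?::1:EEEEEEEEEEEEEEEE:1326900300::::[User ID not found]:10x:
uid:u::::1290000500::0000000000000000000000000000000000000002::Alice Example <alice@work.example>:
sig:!::1:AAAAAAAAAAAAAAAA:1290000500::::Alice Example <alice@example.org>:13x:
sig:!::1:BBBBBBBBBBBBBBBB:1326900000::::Bob Example <bob@example.org>:12x:
sub:u:2048:1:FFFFFFFFFFFFFFFF:1290000000::::::e:
sig:!::1:AAAAAAAAAAAAAAAA:1290000000::::Alice Example <alice@example.org>:18x:
"""


def third_party_certifications(colon_output):
    """Map each user ID to the certifications other keys made on it."""
    primary, uid, report = None, None, {}
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            primary = f[4]                       # field 5: key ID
        elif f[0] == "uid":
            uid = f[9]                           # field 10: user ID string
            report[uid] = []
        elif f[0] == "sub":
            uid = None                           # later sigs bind the subkey
        elif f[0] == "sig" and uid is not None and len(f) > 10 and f[10]:
            sig_class = int(f[10][:2], 16)       # field 11: e.g. "10x" / "13l"
            if f[4] == primary or sig_class not in LEVELS:
                continue                         # skip self-signatures
            report[uid].append({
                "signer": f[4],
                "level": LEVELS[sig_class],
                "exportable": f[10][2:] == "x",  # "l" marks a local signature
                "verified": f[1] == "!",         # "?" = signer key not available
            })
    return report


def level_counts(report):
    """Tally levels over all user IDs, verified signatures only."""
    return Counter(c["level"] for certs in report.values()
                   for c in certs if c["verified"])


if __name__ == "__main__":
    result = third_party_certifications(SAMPLE)
    for uid, certs in result.items():
        print(uid)
        for c in certs:
            print("   ", c)
    print(dict(level_counts(result)))
```

Listing per user ID also shows which addresses a given signer chose to certify, which is the part a signer confirms when the signed key is mailed encrypted to each UID instead of being uploaded directly.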



expires2012 at rocketmail

Jan 21, 2012, 5:58 AM

Post #8 of 13 (592 views)
Re: Protecting IDs at a key signing party


Hi


On Thursday 19 January 2012 at 1:38:37 AM, in
<mid:20120119013837.GC23672 [at] groupw>, Phil Benchoff wrote:


> I think a lot about what signature classes are
> appropriate for what situations and similar pedantry,
> but the current state of practice needs help at a more
> fundamental level. I just attended my first
> key-signing party. The participants likely have an
> above-average technical skill set. Of the 16
> signatures I've received so far, all are at the default
> level. Five signers delivered my signed keys in
> encrypted form to the individual UIDs. The rest just
> uploaded them to a keyserver. I can't be critical of
> anyone who did that. It seems to be the most common
> practice.


I *am* pretty critical of that.

Those 11 people have denied you the opportunity to see exactly what
they are adding to your key before publishing it. (That may generally
be seen as trivial, but it matters to me.)

More importantly, they are signing UIDs that may well contain email
addresses, without actually verifying that you "control" those email
addresses.

--
Best regards

MFPA mailto:expires2012 [at] rocketmail

However beautiful the strategy, you should occasionally look at the results.


jerome at jeromebaum

Jan 21, 2012, 6:07 AM

Post #9 of 13 (594 views)
Re: Protecting IDs at a key signing party

On 2012-01-21 14:58, MFPA wrote:
> More importantly, they are signing UIDs that may well contain email
> addresses, without actually verifying that you "control" those email
> addresses.

Rather, that you "can read an email which they sent that was addressed
to that" email address.

But I do agree it should be the key owner's decision where that
signature is uploaded.


--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.


rjh at sixdemonbag

Jan 21, 2012, 2:01 PM

Post #10 of 13 (597 views)
Re: Protecting IDs at a key signing party

On 1/21/2012 8:58 AM, MFPA wrote:
> Those 11 people have denied you the opportunity to see exactly what
> they are adding to your key before publishing it. (That may generally
> be seen as trivial, but it matters to me.)

It's less than trivial: it's a complete nonissue.

If they want to mess with you, they don't need your permission. As is,
you've explicitly asked them, "would you please sign certificate
0xDEADBEEF, fingerprint so-and-so, here's my credentials." Then they're
signing it with *their* certificate, backed up by credentials that you
yourself checked. How is this a problem?

You've been making hay out of this for years and I've yet to see any
realistic example of this being a problem. Please present one.

> More importantly, they are signing UIDs that may well contain email
> addresses, without actually verifying that you "control" those email
> addresses.

Likewise, regarding making hay and a complete lack of realistic examples.


peter at digitalbrains

Jan 22, 2012, 1:32 AM

Post #11 of 13 (600 views)
Re: Protecting IDs at a key signing party

On 21/01/12 23:01, Robert J. Hansen wrote:
> Then they're signing it with *their* certificate, backed up by
> credentials that you yourself checked. How is this a problem?

While I generally agree with you on the rest of your mail, this is not
necessarily the case. You met them at a keysigning party. They probably
presented you something they thought would prove their identity. If you read
"checked" as "you looked at it", then yes, probably that is also true :).
But I interpret "checked" here as "verified it was okay", and that is not
necessarily the case.

By the way, I think it's courtesy to send the signature to the key owner.
But it is not a security issue.

I have so far attended a keysigning party once. I noticed a few people had
not published my signature (don't know why)[1]. This also weakened my own
Web of Trust, which was not a big issue, but I still decided to do local
signatures on those keys that did not have my exportable signature. Fine.
But I also have a laptop, so I needed to export my local signatures,
etcetera. A lot of overhead, what with checking fingerprints again for the
local signature, all for a bit of courtesy...

Peter.

[1] I have a slight tremor in the hands, and I noticed sometimes my passport
shook a bit while I was holding it up so the person in front of me could
check it. Perhaps they thought I was bloody nervous because I was trying to
trick them??

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt



expires2012 at rocketmail

Jan 23, 2012, 2:52 PM

Post #12 of 13 (598 views)
Re: Protecting IDs at a key signing party


Hi


On Saturday 21 January 2012 at 10:01:51 PM, in
<mid:4F1B35CF.1000008 [at] sixdemonbag>, Robert J. Hansen wrote:


> If they want to mess with you, they don't need your
> permission. As is, you've explicitly asked them,
> "would you please sign certificate 0xDEADBEEF,
> fingerprint so-and-so, here's my credentials."

True.



> Then
> they're signing it with *their* certificate, backed up
> by credentials that you yourself checked.

Except that you have no way of knowing if the certificate they use to
sign the key will contain UIDs related to the credentials you were
shown, or something completely different.



> How is this a problem?

> You've been making hay out of this for years and I've
> yet to see any realistic example of this being a
> problem. Please present one.

People being rude, insensitive, and potentially insulting, *is* a
problem. Not related to security but still a problem. If it were
possible to enforce the "keyserver-no-modify" flag, this problem might
well disappear.



>> More importantly, they are signing UIDs that may well
>> contain email addresses, without actually verifying
>> that you "control" those email addresses.

> Likewise, regarding making hay and a complete lack of
> realistic examples.

Are you suggesting it is sensible to check a person's name against
government-issued documents but to attempt any verification of email
addresses?

--
Best regards

MFPA mailto:expires2012 [at] rocketmail

A candle loses nothing by lighting another candle


rjh at sixdemonbag

Jan 23, 2012, 4:25 PM

Post #13 of 13 (591 views)
Re: Protecting IDs at a key signing party


On 1/23/12 5:52 PM, MFPA wrote:
>> If they want to mess with you, they don't need your permission.
>> As is, you've explicitly asked them, "would you please sign
>> certificate 0xDEADBEEF, fingerprint so-and-so, here's my
>> credentials."
>
> True.
>
>> Then they're signing it with *their* certificate, backed up by
>> credentials that you yourself checked.
>
> Except that you have no way of knowing if the certificate they use
> to sign the key will contain UIDs related to the credentials you
> were shown, or something completely different.

If you need to know the certificate they use to sign your certificate
contains UIDs related to the credentials you were shown, then you need
to stop using OpenPGP. You literally cannot get this level of
assurance. Anyone can sign your certificate and share it with someone
else, and there's no way to change that.
