
Re: kernel.org status: establishing a PGP web of trust

From:  Valdis.Kletnieks-AT-vt.edu
To:  Adrian Bunk <bunk-AT-stusta.de>
Subject:  Re: kernel.org status: establishing a PGP web of trust
Date:  Tue, 04 Oct 2011 16:29:48 -0400
Message-ID:  <34045.1317760188@turing-police.cc.vt.edu>
Cc:  "Frank Ch. Eigler" <fche-AT-redhat.com>, "H. Peter Anvin" <hpa-AT-zytor.com>, "Rafael J. Wysocki" <rjw-AT-sisk.pl>, Linux Kernel Mailing List <linux-kernel-AT-vger.kernel.org>, Greg KH <gregkh-AT-suse.de>

On Mon, 03 Oct 2011 21:04:41 +0300, Adrian Bunk said:
> On Mon, Oct 03, 2011 at 12:28:17PM -0400, Frank Ch. Eigler wrote:

> > What is the threat that this passport checking is intended to cure?
> > That someone else might have been impersonating Rafael for years,
> > sending patches, chatting in email and over the phone, and attending
> > conferences?
>
> Key signing is an identity check.

That's dodging the issue. Somehow, I don't see Andrew Morton asking Linus to
sign his key, and Linus saying "How do I know you're the *real* Andrew Morton?"
And Andrew is a clever guy, if he was a fake Andrew, I'm sure he'd have gotten
a fake ID that would be good enough to fool Linus, who is also a clever guy but
I'm not aware of any special background he has in forgery detection. ;)

The more important point is that as far as the linux-kernel community is
concerned, the guy we've all seen show up at conferences and present stuff all
these times *is* Andrew Morton, even if his real name is George Q. Smith and
he's been on the run for the last 27 years for an embarassing incident
involving an ostrich, the mayor's daughter, and 17 gallons of mineral oil in
the atrium of the museum. ;)

The ID check is to connect an actual person to the claimed key, and primarily
intended for key signing parties and the like, where people *don't* know each
other very well. I think there's something like 5 people on the linux-kernel
list who actually know me in real life, because I don't travel much and I'm
rather in the boonies.  If I asked anybody *else* who I'd not met before to
sign my key, yes, I'd expect them to check my ID, to ensure I wasn't somebody
trying to pull a fast one at the keysigning party.

> > If so, perhaps the impostor is of more value to the
> > project than the Real Rafael.
> 
> Pseudonymous contributions to the kernel are not allowed.

See above - whoever Andrew Morton *really* is, his contributions are hardly
pseudonymous.





Re: kernel.org status: establishing a PGP web of trust

Posted Oct 6, 2011 15:53 UTC (Thu) by jcm (subscriber, #18262) [Link] (7 responses)

Exactly. This is why we really need to get over the stupidity of turning up to keysigning parties and looking at passports from countries we've never been to as if we could really even tell they weren't freshly printed.

What I'd like to see is "keysigning" parties where folks with well established (in use) keys turn up and *prove* they own the key by signing some information the other attendees provide. That way they can not only say "hey, I'm dude X, trust me this is my fingerprint, here's a photo ID" (which means nothing), but they can say "hey, I have access to this key, because I just signed that random message you gave me interactively". Who cares who the heck they really are beyond that?

Jon.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 6:20 UTC (Fri) by paulj (subscriber, #341) [Link] (6 responses)

That's already done though - or at least, is the reason for exchanging fingerprints at the keysigning. Anyone I've met at a key-signing party, I then later exchange encrypted email with. Once I've verified the fingerprint matches that of the key I may then sign. I imagine that's how most people do it.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 6:32 UTC (Fri) by jcm (subscriber, #18262) [Link] (5 responses)

How does you giving me a copy of your fingerprint prove that you own that key and didn't just download a copy of the fingerprint? If you then email me, how do you know you're emailing "me" and not someone else who controls the key? Answer: you don't. Unless you and I exchange some information that is tied to that key through a signature at the keysigning.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 8:42 UTC (Fri) by paulj (subscriber, #341) [Link] (4 responses)

The fingerprint is the cryptographic hash of the public key (MD5 for a long time, SHA-1 for at least 12 years now), so it's public knowledge, so it doesn't prove ownership. Rather:

1. The person you met at the keysigning TOLD you that fingerprint is their key.

2. You can verify that that person is indeed the same person as the one controlling the corresponding key by exchanging encrypted data with it and verifying each side has decrypted the other's.

However, there's no need for 2 to happen at the party itself. If you do it by exchanging email "We met at that signing party, and this was my fingerprint, remember?" and verify the other side can decrypt it and securely acknowledges that they met you, then you've achieved just the same thing as if you did something akin to step 2 before each other at the party.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 11:05 UTC (Fri) by nix (subscriber, #2304) [Link] (1 responses)

But this only works if your machine hasn't been compromised and your key stolen, right?

Boy, it's a good thing no kernel developers have had their machines compromised lately.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 12:12 UTC (Fri) by nybble41 (subscriber, #55106) [Link]

If you follow the recommended procedures for key storage[1], the master private key which represents your identity is kept offline unless you need to sign someone else's key, generate a new subkey, or revoke a key. Separate subkeys (signed by the master key) are used for normal signing and encryption. You may need to revoke these subkeys and distribute new ones, but the master key used for the web-of-trust should remain valid so long as you don't bring it online after the machine is compromised.

[1] E.g. <http://wiki.debian.org/subkeys>

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 15:03 UTC (Fri) by jcm (subscriber, #18262) [Link] (1 responses)

Anyone who controls that key can say "yea sure, I met you". It means *nothing*. Really. Seriously. The *only* way to connect the physical person in front of you with the key is for an interactive signing to take place.

Re: kernel.org status: establishing a PGP web of trust

Posted Oct 7, 2011 15:41 UTC (Fri) by paulj (subscriber, #341) [Link]

The situation you're describing is where person X, who you've met in person, thinks they control key A (indeed must, given your proposal), while some other person Y *also* controls the key and can intercept your email encrypted to key A and say "Yeah, indeed I met you there and A is my key".

Basically, if this is what you're worried about, the problem is that key A is compromised (as far as person X is concerned at least). I don't see how doing the encrypted exchange in person helps mitigate the compromise in any way - it doesn't help unmask that Y also controls A, & it doesn't stop Y from decrypting material intended for X with A.

But perhaps I've misunderstood you.
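
The interactive signing proposed earlier in the thread, together with the copied-fingerprint and compromised-key cases raised in the replies, as an added example that is not part of the original discussion. It models keys with Go's standard-library Ed25519 rather than OpenPGP and takes the fingerprint to be SHA-256 of the public key; both choices, and all function names, are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Fingerprint is modelled as SHA-256 of the raw public key (an assumption;
// OpenPGP computes its fingerprint over a key packet instead).
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// NewChallenge returns 32 fresh random bytes chosen by the verifier.
func NewChallenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	return c
}

// Check accepts only if pub matches the fingerprint that was handed over
// AND the signature covers this verifier's own challenge.
func Check(fpr string, pub ed25519.PublicKey, challenge, sig []byte) bool {
	return Fingerprint(pub) == fpr && ed25519.Verify(pub, challenge, sig)
}

// Demo runs the four cases from the thread with constructed keys.
func Demo() (owner, fprOnly, stolenCopy, replay bool) {
	pubA, privA, _ := ed25519.GenerateKey(rand.Reader) // key A, held by X
	_, privM, _ := ed25519.GenerateKey(rand.Reader)    // knows only A's public fingerprint
	privY := append(ed25519.PrivateKey(nil), privA...) // Y's copy of key A
	fpr, c := Fingerprint(pubA), NewChallenge()
	owner = Check(fpr, pubA, c, ed25519.Sign(privA, c))
	fprOnly = Check(fpr, pubA, c, ed25519.Sign(privM, c))
	stolenCopy = Check(fpr, pubA, c, ed25519.Sign(privY, c))
	// An answer to an old challenge does not satisfy a new one.
	replay = Check(fpr, pubA, NewChallenge(), ed25519.Sign(privA, c))
	return
}

func main() {
	fmt.Println(Demo())
}
```

The verifier's check separates a holder of the private key from someone who only copied the fingerprint, and a fresh challenge defeats a replayed answer, but X and a second holder Y of the same key produce equally valid responses.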


Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds