FAQ, take two

Robert J. Hansen rjh at sixdemonbag.org
Tue Jun 5 12:36:51 CEST 2012 

On 6/5/2012 5:22 AM, gnupg at lists.grepular.com wrote:
> FWIW, until I read somebody complaining about people uploading key
> signatures, instead of sending them to the key owner, it never
> occurred to me that it could possibly be a problem for anyone.

I'll go one step further: my personal belief is that this pursuit is a
fool's errand.

What people are really asking for is a concept the military calls ORCON,
for "ORiginator CONtrol" [1].  The idea is that with ORCON data the
person or agency that originated the data gets absolute control over how
the data is disseminated and how it may be released.

To do ORCON within the context of public-key certificates, we would need:

	1.  Infrastructure.  The keyserver-no-modify flag
	    is a nice idea, but no keyserver currently
	    honors it.
	2.  Training.  ORCON is a hard thing to pull off,
	    and requires that the originator and those who
	    come into contact with the data know how to
	    treat ORCON data.  That's simply not going to
	    happen.
	3.  Accountability.  There needs to be some way or
	    ways to detect ORCON violations and handle
	    offenders appropriately (social condemnation).
	    But there's no way to tell who uploads a
	    certificate to a keyserver.  If Bob signs Alice's
	    key and Charlie, Bob's roommate, who has access
	    to Bob's public keyring, later uploads Alice's
	    certificate to the keyserver, it makes no sense
	    to blame Bob (the signer) for what Charlie did
	    (violate ORCON).  But since there's no way to
	    trace it back to Charlie...

Once those three are addressed then I'll take the "I want ORCON" crowd
seriously.  Until then, my response to the ORCON crowd is "I want
stronger beer and honest politicians."

I think it's foolish to try to establish a social norm which offenders
cannot be identified and the norm cannot be enforced.  That doesn't mean
I think Charly's wishes shouldn't be respected: he's made his wishes
clear and I think decent people will respect them.  But there's a
difference between saying "I'll respect the desires of someone who makes
their wishes on this subject clear" and "there is a social norm which
must be upheld."

[1]
http://en.wikipedia.org/wiki/Classified_information_in_the_United_States#Handling_caveats

More information about the Gnupg-users mailing list