PKA updates

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Feb 25 21:34:49 CET 2015


On Wed 2015-02-25 11:03:38 -0500, Werner Koch wrote:

> For about a decade GnuPG features a DNS based key validation system
> named PKA.  It worked by adding special TEXT records into the DNS and
> directing gpg via --auto-key-locate to make use of them.  There are
> however a couple of problems with that (e.g. the use of TEXT records) so
> that it requires a redefintion.
>
> What I implemented in master is:
>
>  - The local-part of the mailbox is now hashed and z-base-32 encoded.
>    This allows the use of characters which are not allowed as a DNS name
>
>    The open question is what to do about case insensitivity: The
>    local-part is case sensitive but in practice nobody makes use of it.
>    It would also be quite surprising if you the addresses
>    "joe.doe at example.org" and "Joe.Doe at example.org" would be different
>    entities.  What I have in mind is to downcase all plain ascii
>    characters before hashing but keeping the other utf-8 characters as
>    they are.  This would help with existing addresses but don't conflict
>    with too complicated utf-8 rules for downcasing (if they at all
>    exists).
>
>  - The code for the old PKA has been removed.
>
>  - The new command --print-pka-records prints records for insertion into
>    zone files.  Before each line an $ORIGIN line is given so that a
>    simple script can be used to divert the output to thre respective
>    zone files.

how does this relate to
https://tools.ietf.org/html/draft-ietf-dane-openpgpkey ?  Should we try
to support this draft?

> More work is required to use PKA only for initial key retrieval but not
> anymore for validating keys - the DNS is just too insecure for it and we
> should not rely on DNSSEC for validation either.

I see DNSSEC as a corroborative channel -- it doesn't need to be
authoritative for people who don't want it to be, but it could be useful
as well, and it is cryptographically verifiable (caveat: the keys are
often much weaker than we'd like today).

There are other kinds of security at issue, though: DNS provides a
pretty nasty leakage channel, since confidential DNS query mechanisms
are not widely deployed.  I'd hope that DNS lookups aren't necessarily
enabled by default unless we can guarantee that channel is private.

             --dkg



More information about the Gnupg-devel mailing list