Preserving non-central and privacy with a "permission recording keyserver" (was: Launching a new keyserver on keys.openpgp.org!)
Bernhard Reiter
bernhard at intevation.de
Tue Jul 9 11:50:36 CEST 2019
Hello friends of GnuPG!
Am Mittwoch 12 Juni 2019 18:53:50 schrieb Vincent Breitmoser:
> the Hagrid team is pleased to announce the launch of our new keyserver,
> running at keys.openpgp.org!
It is good to see new code for distributing pubkeys for OpenPGP in general.
Hagrid's design decisions seems to aim towards preserving privacy
by requiring a confirmation before personal data is published.
This is much like the General Data Protection Regulation (GDPR).
> * Identities are only published with consent, while
> non-identity information is freely distributed.
> * Deletable. Users can delete personal information with a simple e-mail
> confirmation.
And a simple implementation of this would make the service central, inheriting
the drawbacks of a validating, central keyserver. "Central" in the meaning
that one place decides if a user id of a pubkey (and the pubkey itself) is
made available or not.
Another drawback as far as I can see is limiting the IDs that can be published
towards email addresses, which makes it harder for non-email use cases of
OpenPGP.
Can we write a keyserver-software that avoid these two drawbacks?
What about the following idea:
== A permission recording keyserver
=== Ask for permission to publish once
A keyserver records where it got the user id from.
If it is uploaded, and the id contains personal data, it knows which person's
data it is, thus this person can be asked for permission.
Example, there is an email address in the id. Thus an email can be send to
confirm the intend of the person to publish the pubkey. This permission is
recorded.
In the other case a keyserver gets a key and uid from a different server
and records from which one. It is avoided that each independent keyserver has
to ask again.
Now if someone complains, a server operator can either point to the other
keyserver or the permission they have recorded themselfs.
=== Record deletions
If someone requests a deletion (which means this person can prove that it is
there personal data), this is also recorded, only by key number, so this can
also be synced with other keyservers.
This way we can have independent keyservers, and it is clear that the network
in non-validating as a rouge keyserver may claim to have recorded permissions
or deletions. However if a keyserver does real malice, it will get pointed to
and is liable. It may also be blocked.
=== Non-email ids
If the iid does not contain an email address, it may or may not be data that
is personal. Example: "bernhard at intevation dot de" has personal data.
Example: "Zilkin 2019-ahex" does not.
The server can publish it preliminary, until someone complains and then
we either adapt the detection algorithm, record a deletion for the pubkey or
manually trigger the permission request.
Someone who claims that this is their personal data, will have to do this with
contact information and an understandable explanation why this is personal
data. In the beginning there maybe some interesting encodings and manual
cases to consider, but after a short while the detection algorithms will
catching most encodings.
=== How about the GDPR?
This idea accepts the assumption that we really need approval for publishing
an id that contains personal data (aka opt-in). Especially that the EU GDPR
actually is applicable in this case. I'm not sure if this is the case.
What I am quite sure about is that searching for an email address is okay,
if the search engine as recorded the information from a place where the
permission can be safely assumed, for example from a personal homepage in the
web. So once there is a chain of responsibility that can be followed in
exceptional cases, this is fine as the rights of users are honored.
== Conclusion
While this is just an idea, yet, it seems possible to keep a searchable public
and independently federated directory of pubkeys by design. Maybe hagrid can
be used as basis for such an implementation.
Whether such a directly is useful as an addition to WKD in the long run is not
discussed. And tthe recent attack on the SKS keyserver network should not put
pressure on this important discussion, in my opinion.
Best Regards,
Bernhard
ps.: Dominik and Andre are getting a copy, because I have voiced that idea to
them on the phone in the last days. You do not need to include them in
follow-ups.
pps.: I was unable to read all the writings about the hagrid approach so far.
These days I need good, balances summaries to get on speed on some debates.
However got the impression that the idea is interesting enough to be written
down rather sooner than later.
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190709/f0da9663/attachment-0001.sig>
More information about the Gnupg-devel
mailing list