AW: Robot CA at

Adrian 'Dagurashibanipal' von Bidder
Fri Dec 6 10:37:01 2002

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 2002-12-06 at 07:57, Huels, Ralf SCORE wrote:
> David Shaw writes:
> > Mind you, I'm not saying that this isn't a good enough reason to do
> > it.  I just don't want the impression going around that email
> > verification is somehow "secure", and the best way to do that is to
> > lay out in clear terms exactly what this is good for.
> >=20
> > You're not saying this is secure, and in fact saying the opposite,
> > which is admirable.  Many people won't understand that, unfortunately.
> I agree. The documentation on the CA's web page (if not in the
> key UID comments) should state much more explicitly, how weak this
> type of certification is and that there is no proof of any connection
> between a *person* and the key at all, just between the key and
> *someone* who effectively controls the mail address (including,
> for instance, the purported owner's postmaster).=20
> Hit them over the head with that information.=20

Yes. IMHO the robotCA should=20
 - only sign uids consisting of an email adress *only* (no realname, no
comment). Yes, people would have to get an additional uid, so what. But
then anyone looking at the key can see what was certified.
 - with 0x11 signature (I see you're going to do that, good).
 - add a policy URL
 - have, as Ralf said, a uid comment warning that only the email address
has been checked on the signing key.

Key delivery: I'd also vote for encrypted delivery. And, as others have
said before, to each email address only the corresponding signature
should be sent.

As to the problem of expiring the signatures: Here's an idea, no idea if
it's at all feasible:

Make keys long lived (10 years?), signatures also long lived (5 years?).
Set up a revocation-bot: play the challenge-response game with each
signed email address after 9 months, again after another two months,
after another 3 weeks and after another 6 days (if no answer, that is),
after which time the signature will be revoked.

So people with long lived email addresses wouldn't have to accumulate
loads of signatures from the bot only to stay in.

Of course, requirements here are
 - a db of the uids that have been signed.
 - publication of the key with revoked signatures.

And to strengthen this method, GPG should have an 'automatically refresh
key before use' option (or at least 'auto-refresh before use if key was
last refreshed more than 7 days ago). Yes, this would put considerable
load on the keyservers - could they deal with that?

-- vbi

this email is protected by a digital signature:

NOTE: keyserver bugs! get my key here:

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.2.1 (GNU/Linux)

Signature policy: