trust your corporation for keyowner identification?

Paul R. Ramer free10pro at
Wed Nov 6 00:03:19 CET 2013

On 11/05/2013 09:26 AM, Leo Gaspard wrote:
> On Tue, Nov 05, 2013 at 12:40:11AM -0800, Paul R. Ramer wrote:
>> I don't know how I can explain it any better than I have. I think you are confusing assertion with verification.  Unless you can differentiate between the two in this case, I don't think you will see what I am talking about.
>> [...]
>> I guess all I can say is that one should have a key signing policy to let others know how he verifies keys.
>> There. I said it all over again, just differently (and a whole lot more).
> OK, I think I understood your point. (That is, assertion is not as strong as
> verification.)
> However, I think in this case (assuming there are no more UID on key 2 than on
> key 1), assertions are sufficient, *because* there are two assertions, one in
> both ways.
> I mean :
>  * Owner of Key 1 says (s)he is owner of Key 2 (through signed message saying
>    you so)
>  * Owner of Key 2 says (s)he is owner of Key 1 (through signed UID on Key 2)
> So, except in case of collusion between owners of Keys 1 and 2, I believe there
> is no way one can be wrong in signing Key 2 (of course, if Key 1 is signed).

There could be collusion with only one key.  Verification of the key
details cannot address this.

> IIUC, your point is that verification would enable one to avoid collusion, as it
> is the only flaw I can see in this verification scheme.
> Except collusion can not be avoided in any way, AFAIK.

No.  Avoiding collusion is impossible here.  It just comes down to you
vouching through your signature on the second key that you have
*verified* it.  Nothing more, nothing less.  If you didn't follow all of
the steps to verify it, why would you sign it with an exportable
signature?  You could just sign it with a local signature for your use,
because you believe the key to be valid.  But if you sign it with an
exportable signature, you are saying to others that you have verified
the key.  It is reasonable to expect that if you signed someone's key
you did verify it without skipping any steps (whether you felt they were
unnecessary in this case or not).

Signing keys with exportable signatures is not for your benefit.  It is
for others you may extend ownertrust to your signatures.  I have
communicated with plenty of people via email who I believe were who they
said that they were, that they did have control of their accounts, and
that if they did have an OpenPGP key, it seemed to me to be valid.
Would I sign their keys with exportable signatures to tell others that I
have checked their keys and believe them to be valid when I have not
fully verified their keys? No.

> If that is not your point, could you exhibit a scenario in which there is a
> signed UID on Key 2, a signed statement from Key 1 owner saying he owns Key 2,
> and Key 2 not being usable by Key 1 owner ? (Of course, excepting collusion,
> which as stated above can not be avoided.)

Collusion is the only way that I know of, and there is nothing you can
do about it if it is happening.



PGP: 3DB6D884

More information about the Gnupg-users mailing list