New user needs some help

Cpp tzornik at gmail.com
Fri Jun 6 18:46:44 CEST 2014


Gmail is annoying... anyway, reposting:

Alright, thanks for elaborating it. Does this mean that the notation
(the "sig-notation issuer-fpr at notations.openpgp.fifthhorseman.net=%g"
line) is final, and is not going to change in the future?

I noticed that GnuPG also offers a "cert-notation" option - should
this be set too or can I safely omit it?

dkg: I have no idea what the answers should be. But guessing I'd just
put the second answer as "cert-notation
issuer-crt at notations.openpgp.fifthhorseman.net=%g" though I'm unsure
whether the presence of cert-notation it is necessary.



On 6/6/14, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 06/06/2014 04:19 AM, Cpp wrote me privately (but later OKed
> publication):
>> On 6/5/14, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>>> there is a link to an explanation about it.  you can read the rationale
>>> for it here:
>>>
>>>   http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234
>>
>> Yes, that is where I got it from.
>>
>> I am aware of the discussion thread at gmane. In fact I've read the
>> entire chain before posting here, but I still didn't fully understand
>> it. It seems to be some advanced way to distinguish keys via full
>> fingerprints, but it doesn't seem to be a standard yet. By the looks
>> of it, it's more like a temporary feature or a placeholder for
>> something else. The big question is whether I should add it to my key.
>> The article above seems to think so though I'm not sure how useful the
>> feature really is considering the fact that it's not that widespread.
>
> including this notation allows a remote peer who receives a signed
> message from you to reliably distinguish between two cases:
>
>  0) this signature is bad
>
>  1) this signature status is unknown and i just don't have the right key
>
> Without the extension, a signature verification process has no way to
> determine which of these scenarios is the correct one when the signature
> doesn't appear to validate.
>
> Without the extension, an attacker willing to do a fair amount of work
> (2^64 operations -- not out of reach of an organization willing to
> devote some time and resources) can create a key with a colliding long
> keyID.  If the party verifying a signature is verifying against the
> new/colliding key instead of the proper key, then all the signatures
> will appear in this broken state.
>
> few OpenPGP signature-verifying tools make this check currently; but
> your messages may be verified by systems that you don't know about
> (including systems in the future).  If you want to provide those tools
> with an way to reliably distinguish between the two cases, you should
> use the notation.
>
> Regards,
>
>         --dkg
>



More information about the Gnupg-users mailing list