protecting pub-keys from unwanted signatures
admin at zwiebelfreund.de
Sun Aug 16 14:01:48 CEST 2015
On Sun, Aug 16, 2015 at 12:15:03PM +0100, MFPA wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> On Sunday 16 August 2015 at 9:10:28 AM, in
> <mid:20150816081028.GA26761 at zwiebelfreund.de>, Stefan Claas wrote:
> > after seeing Facebook's public key a couple of days
> > ago, i was wondering if it's possible to enhance GnuPG
> > in a future version, so that it no longer allows
> > someone to sign a public key without approval of the
> > owner.
> If GnuPG were modified in this way the key could still be signed
> using an old GnuPG version, or any other OpenPGP application.
> I guess a modification would be possible that allowed a GnuPG user to
> sign acceptance or rejection over a third-party signature, but I'm not
> convinced there would be any point. Firstly, would such acceptance or
> rejection be dropped by the keyservers? Secondly, any signature on a
> key is only meaningful if you recognise (or have a trust path to) the
> key that made that signature; the rest is meaningless background noise
> that disappears if you use "keyserver-options import-clean" in your
> gpg.conf or on your command line. (My local copy of Facebook's public
> key has only self-signatures, and refreshing from a keyserver does not
> change this).
> > As an example: Bob likes to sign Alice's pub key and
> > issues the sign key command, but instead of signing the
> > key directly GnuPG would create a "Signature Reguest
> > Certificate" which Alice reads and verifies in GnuPG,
> > thus allowing her to add Bob's signature to her key.
> > This mechanism, or a similar one would protect Alice's
> > key from unwanted signatures.
> Or Alice could simply host a "clean" copy of her key without the
> unwanted signatures on her website, Biglumber, an email
> auto-responder, etc.
> - --
> Best regards
> MFPA <mailto:2014-667rhzu3dc-lists-groups at riseup.net>
> The One with The Answer is seldom asked The Question
> -----BEGIN PGP SIGNATURE-----
> -----END PGP SIGNATURE-----
Thanks for your reply, all valid points.
However if my proposal would result in an enhanced OpenPGP file
format older versions could not sign such keys, while a never version
could read older or leagcy file formats. Same as with other software
applications. Current key servers would not be able to read/store
such enhanced format and needed to be updated too.
More information about the Gnupg-users