Mixing Authenticate capability with others

[Peter Lebbing]

On 21/08/15 11:00, Peter Lebbing wrote:
> Does GnuPG (or GPG-Agent in 2.1) actually check that the challenge sent
> by the server is not a validly formatted OpenPGP signature or certification?

I should note that it is not possible for an SSH server to evoke a data
signature from gpg-agent running as an SSH agent like this. The server
only controls a minor part of the hashed data.

Quickly browsing through the source code of the SSH agent code in
gpg-agent, it seems it will actually sign whatever it is sent, if I read
it correctly. I still don't think that's a problem because that is no
different than gpg-agent itself which will also happily sign with
unlocked keys, since this is actually its task. What gets sent to the
agent is still under the control of the SSH client, running as the user
themself.

But an SSH agent is only a possible application, it seems to me the
system with OpenPGP subkeys having the Authenticate flag is set up to be
more broad than that. Other applications might be built in a way that
the server controls all the data to be signed.

Am I seeing ghosts here or should the system be more careful of sharing
Authenticate with Sign/Certify?

Oh, and by the way, I quickly realised after my previous message that
authentication is probably always handled by the agent, not just in
GnuPG v2.1. It just didn't seem to be worth a message on its own ;).

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>