German ct magazine postulates death of pgp encryption
Hauke Laging
mailinglisten at hauke-laging.de
Sat Feb 28 00:03:26 CET 2015

On Fri 27.02.2015, 13:11:33 Kristian Fiskerstrand wrote:
> > We need keyservers which are a lot better than today's. IMHO that
> > also means that a keyserver should tell a client for each offered
> > certificate whether it (or a trusted keyserver) has made such an
> > email verification.
>
> The keyservers have no role in this, they are pure data store and can
> never act as a CA.

That is not a higher truth which must not be breached. The other way
round it is correct, though: It must be possible to run a keyserver
without making any statements about the certificates.

> That would bring up a can of worm of issues, both
> politically and legally, I wouldn't want to see the first case where a
> keyserver operator was sued for permitting a "fake key" (the term
> itself is very misleading

I would consider taking that to court ridiculous (for several reasons,
one being the (also ridiculous) class 1 X.509 certifications) but it
obviously makes little sense for us to make a mandatory assessment for
the whole world. That is a decision which everyone who runs a keyserver
(or intends to) should make himself.

This need not be implemented by the keyserver making signatures. It
would be enough if there were certificate attributes in the keyserver
answer. That way these certificates could not easily become valid by some
not so clever user giving full certification trust to the keyserver's own
certificate.

> People need to understand that operational security is critical for
> any security of a system and validate the key through secondary
> channel (fingerprint, algorithm type, key length etc verifiable
> directly or through probabilistic measures e.g. based on historical
> postings on mailing lists over a long time for a project etc).

I could hardly agree more but it is easy to join the "People need to
understand" game if you are on a mailing list. This becomes much harder
if you have been working on spreading OpenPGP usage in the nasty real
world for a while. Like I have. For more than two years I have been
teaching people myself, seen what is done (and what isn't) at
Cryptoparties, have tried to use universities and schools for gaining
new users. So what do we talk about here if in good approximation nobody
outside this mailing list gives a^W^W cares about that?

We are going to lose this if we don't make usable offers. And in case it
is not already well known here: I am at the security extremist end of
the spectrum. I think both OpenPGP and GnuPG are not good enough yet in
supporting high level security. I am just not willing to ignore the
other 99.3%.

Hauke
--
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
More information about the Gnupg-users
mailing list