basic identity mgmt

Peter Lebbing peter at digitalbrains.com
Mon Jan 18 11:43:01 CET 2016


On 17/01/16 21:00, Doug Barton wrote:
> You glossed over the points in my previous messages about the fact
> that we cannot know for sure if the person sending the message is
> actually who we think it is [...]

Well, to me it sounded like you said "Signature subkeys aren't enough by
themselves, so they don't matter". Whereas they are a necessary part of
the puzzle.

> But this thread started trying to refute my assertion that keeping 
> certification keys air-gapped is pointlessly complicated. I haven't
> seen a refutation of that premise yet. :)

The only good argument (IMO) I can think of is: ease of replacement. If
you have an online primary key, and your computer is hacked, you have to
revoke the whole key, since the attacker got the private material. This
means you need to meet up with at least some of your contacts again to
exchange fingerprints. You can't do a key transition, because so could
your attacker; if you know your private material is out there, you need
to discard the key wholly.

Now, if you have an offline main key, on an air-gapped system, that
makes it a lot more difficult to attack. When your online, Internet
connected system gets hacked, you have a big problem. All your encrypted
stuff the attacker can get is readable to them, and as long as you don't
know yet, they can issue your signatures. But when you discover it, you
can reinstall or throw out the hacked hardware, issue new subkeys and be
done with it. Since your primary key was still safe, your correspondents
know it's still you.

And luckily, your certification key is also the one you use least of
all. Issuing new subkeys and certifying other people's keys; the most
rare of occurrences, I think.

But as I wrote, this is what I can think of. I'm inclined to think there
are other reasons why an offline primary key can give a significant
advantage over an online one. I just haven't thought of them.

Similarly, I'm not convinced there aren't good reasons why a smartcard
for SSH authentication is indeed an advantage over on-disk keys. So your
characterization:

On 17/01/16 04:32, Doug Barton wrote:
> Sorry, all that does is replace something that already existed, works
> well, and is widely supported; with something more complex, often
> buggy, and not widely supported. That's not a use case, that's a
> solution looking for a problem.

is going too far for me, but obviously you're free to be of a different
opinion :).

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


