OpenPGP.conf: A Success

Werner Koch wk at
Thu Sep 22 15:05:16 CEST 2016

This is a plaintext copy of Neal's

1 OpenPGP.conf: A Success

  On September 8th and 9th, the first [OpenPGP.conf] took place in Köln,
  Germany.  The conference was organized by the German Unix User Group
  (GUUG) and attracted over 50 [participants] from around the world.
  The program consisted of 18 highly technical talks.  Lunch and dinner
  were provided at the venue, which resulted in lots of time to increase
  ties between projects as well as exchange and develop ideas.


  From the GnuPG project, Werner presented an introduction to the new
  [web key service (WKS) protocol], which is being deployed by several
  mail providers including [Posteo].  The basic problem that WKS
  addresses is how to find someone's key.  Currently, most people just
  search the key servers for keys matching the person's email address.
  Although this works reasonably well, the [recent evil32 attack] has
  reminded many people that the keyservers provide no guarantees that a
  returned key is controlled by the stated owner.  In WKS, people upload
  their keys to their mail provider.  Since only the email account's
  owner can change the association, this is guaranteed to not only be
  the right key, but the user's preferred key.  Of course, users still
  need to trust their mail provider to deliver the correct key.  But, we
  believe this provides a significant improvement both in terms of
  security and usability over the status quo.  Those requiring stronger
  guarantees are still encouraged to either directly verify their
  communication partner's key or use the web of trust.  The German news
  site [Golem reported on Werner's presentation].  Meskio from the LEAP
  project also present [how LEAP is doing key discovery].  Phillip
  Hallam-Baker discussed [key management in the Mesh].  And, Holger
  Krekel discussed [how to distribute keys inline].

  Justus discussed his proposal for [a common OpenPGP test suite].  The
  main problem that he observed in his recent work on the GPGME Python
  bindings is that GPG, GPGME, and each of the GPGME bindings have their
  own test suite that tests similar functionality to the other test
  suites.  His idea is to merge the common parts by defining a simple
  interface, and having each component just map the API to its own API.

  Niibe presented his fully free cryptographic token, [GnuK]
  (pronounced: ɡəˈnuːk), which he started developing in 2010.  The GnuK
  is special in that it is the only cryptographic token that is based
  entirely on Free Software, the entire hardware specification is open,
  and the parts are relatively easy to buy.  This is motivated not only
  by ethical concerns, but also security concerns: being able to
  assemble it yourself makes it harder for an adversary to inject a
  trojan during production.  Niibe also avoids specialized hardware.
  This has less to do with making it easier to get the components, and
  more to do with security: getting documentation for secure chips, for
  instance, requires signing an NDA and, due to their specialized
  nature, are more likely to have a backdoor.  Instead, the GnuK uses a
  general purpose MCU (microcontroller unit).  To protect the secret key
  material, it uses the flash ROM protection feature.  There are
  currently discussions underway to further increase the security of
  this by partially decrypting the secret key material on the host with
  its much more capable CPU, which would make a brute force attack
  significantly more expensive should the key material be extracted.
  The GnuK can currently be ordered either from [seeed] or the [FSF].

  Andre discussed [how to use GPGME].  The main takeaway is that
  although GPGME's API is sometimes inconveniently low-level and some
  features are missing, it is much easier to interact with GPG using
  GPGME than to build another parser to parse GPG's `--status-fd'
  output.  Moreover, language bindings, such as Andre's bindings for Qt,
  can significantly simplify working with GPGME.

  Daniel reported on [GnuPG in Debian].  In particular, he discussed how
  Debian is dealing with co-installing GnuPG 1.4 and GnuPG 2.1,
  migration from 1.4 to 2.1, managing background processes, and system
  integration.  He also discussed some issues that he has observed with
  packages that use GnuPG.  In particular, their test suits often don't
  test their use of GnuPG, because this requires so much effort.  He
  indicated that one thing that would make life easier would be standard
  pinentry driver programs for different languages.  He's since
  submitted those for PHP, Perl, Python and Bash, and they will be part
  of the next GnuPG release.

  Another talk included a discussion of encrypted mailing list software
  and the current state of Schleuder by Ilf and Paz.  Schleuder is
  apparently the only encrypted mailing list software that currently
  works (it is also actively maintained).  Its design, however, requires
  that the mailing list server be able to decrypt the messages in order
  to reencrypt them to all of the subscribers.  The authors would like a
  better solution, but, as they point out, there are ideas out there
  (including my own proposal for [practical encrypted mailing lists]),
  but none of them work today.  This presentation was also [reported on
  by Golem].

  One of my favorite talks was [Nick Skelsey's talk on GlobaLeaks].  He
  discussed typical leaking interactions, how their leaking platform
  works, and the issues they face making the platform secure in the face
  of non-technical users.

  Other talks included an overview of some [work that the German BSI has
  contracted], [an analysis of OpenPGP], [a history of OpenPGP],
  [OpenKeychain UX decisions], [how to bypass pinentry], [an update on
  the sks keyservers], an overview of PEP, and an analysis of the
  keyserver data.

  Given the very positive reactions from the participants and our own
  positive impressions, we expect there to be a second edition of the
  conference in the near future.




  [web key service (WKS) protocol]


  [recent evil32 attack]

  [Golem reported on Werner's presentation]

  [how LEAP is doing key discovery]

  [key management in the Mesh]

  [how to distribute keys inline]

  [a common OpenPGP test suite]




  [how to use GPGME]

  [GnuPG in Debian]

  [practical encrypted mailing lists]

  [reported on by Golem]

  [Nick Skelsey's talk on GlobaLeaks]

  [work that the German BSI has contracted]

  [an analysis of OpenPGP]

  [a history of OpenPGP]

  [OpenKeychain UX decisions]

  [how to bypass pinentry]

  [an update on the sks keyservers]

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20160922/dabc4cae/attachment.sig>

More information about the Gnupg-users mailing list