Question about signing keys and trust.
dougb at dougbarton.us
Fri Mar 17 08:29:55 CET 2017
On 03/15/2017 02:14 PM, Jamie H. via Gnupg-users wrote:
> It's been a few years since I've messed with gpg, but I have an
> application that needs something kind of like distributed groups.
> Lets say I have: "key group" (which is owned by who-cares, it's a
> public key only that represents a group of people)
The fact that more than one person has access to the key seems
superfluous to your use case.
> I have a person, lets say William Smith who has his key signed by
> William Smith then signs Betty Boop with his key.
> So William Smith and Betty Boop are sort of like members of "key
> group" because Betty Boop has a signature by someone who has their
> key signed by the key group, and if Betty Boop signs someone, up to
> n-depth, then those people become members of "key group". No one has
> authority to add or remove people, except other members of the same
This very unclear, but perhaps you have a more detailed implementation
plan in mind, and this is just a summary.
> ... fast forward ..
> In the application, lets say it's a spam fighting tool, a Betty Boop
> marks a message as spam.
> I trust members of "key group" to mark spam, but I don't trust them
> with everything, just marking spam, so the spam message is deleted.
> Popeye, who is a member of "alien group" marks something as spam too,
> but since popeye doesn't have a key signed by someone in "key group",
> I do not trust him to flag messages as spam, so I just ignore it.
This bit is clear, but if a spam detection tool is what you're
developing, sharing the responsibility for flagging something as spam is
a very bad idea. There has been a lot of e-ink spilled on this problem
from all of the major mail providers. Essentially, users are incredibly
bad at reliably tagging *their own mail* as spam, or not-spam. At best
an individual's opinion on whether something is spam or not should be
taken as one lightly weighted value in the overall determination.
Developing a complex system of trusting users' opinions on this topic
would be a waste of your time.
> Problem is I can't see how! Is there a way I can look at someones
> public key and (without importing anything into my personal key
> files) list in a kind of chain fashion how many other signers there
Sort of. You can use --list-packets, but it would be very painful.
It would actually be easier to import these keys onto their own rings
using the no-default-keyring option. You probably also want to use
no-import-clean option so that you can see all the signatures, including
those from keys you have not already imported yet.
It's not *too* complicated to do this kind of stuff, but you have to
really read the man page and understand how the pieces fit together.
I would also recommend that you use GNUPGHOME to create a separate
environment from your own personal one.
> I admit, GPG probably wasn't designed for this, and I don't really
> get the whole trust level thing.. and if it's impossible or
> impractical I'll find another way, but it would be convenient.
Trust is completely different from what you're describing here.
(Unfortunately the term 'trust' is badly abused in PGP circles, and has
at least 4 different meanings depending on context.)
You don't care about the trust *level* at all. Your only concern is
whether or not the key you're examining is included in the web of trust
for your tool. If your "group key" that you described above is the apex
of the tree, you want to examine the key you have to see if it has a
chain of trust back to that apex key. For keys which are close to the
top, that would not be too expensive of an operation. But as your pool
grows it could become quite expensive, as you'd have to check if
signatures/keys have been revoked, expired, etc.
Another problem you have is that there is no way for the administrator
of the system to decertify a user (kick them out of the group, so to
speak). You would require the cooperation of every user in every chain
of trust back to the apex key, and every other member of the group not
to add them back.
As you point out, PGP is not really designed for this sort of thing. :)
That said, you may be able to learn some stuff from the software for
this site: http://pgp2.cs.uu.nl/wotsap/
hope this helps,
More information about the Gnupg-users