New keyserver at keys.openpgp.org - what's your take?

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Tue Jun 25 18:15:09 CEST 2019


Hi.

On Tuesday, 25.06.2019, at 17:54 +0200, Vincent Breitmoser wrote:
> > The Upload should be restricted to the key owner in some way.

> We restrict upload of user ids to the owner of the user id,
> identified by email verification. Non-identity data (subkeys,
> revocations, ...) can be freely distributed, but only with a verified
> self-signature.

That's what I had in mind.

> Is there any other mechanism you can come up with to allow upload by
> the owner of some key data or email addresses, but not others?

Additionally, some kind of authentication mechanism would be required to
avoid fake uploads like just a faked sender address. I implied this
without saying so. Other mechanisms could be possible but I don't have any
special thoughts regarding this at the moment.


> > I didn't consider it until you mentioned it. A good idea, thanks.

> Great! I've been getting generally positive feedback about this idea,
> perhaps we should look into that more seriously.

Yes, I agree.


> > There's simply one point: "If you do not want your email to be
> > public, don't upload your key to a server."

> What if I upload your key to a server though? Keep in mind this is
> not just a "nice to have", it is a legal requirement.

This would not be possible with an authentication mechanism. See
above. Only the owner should be able to modify his key or make
amendments. Probably except for revocations, in some cases.

> > In my opinion, the UID is essential for the Keys, except for M2M
> > Usage.
> > (...)
> > No. But if I want to send you an email and want to encrypt it on a
> > machine with an empty keystore, shouldn't I be able to fetch your
> > key by Address?

> Of course! And we do support that, given consent from the owner of an
> address. Without that, only non-identity data (still enough for M2M)
> is distributed.

M2M keys don't need a UID at all. I made such keys for my automatic
backups and for some of the telematics solutions I work on. We use them
only to encrypt, sign and send tachograph data files which are sent to
our customers by email, for example.


> > It could be realized by exact match

> This is exactly what we do. :)

So you support key search, this is a good point. And it kind of changes
my opinion about the new servers. I didn't have the time to dig deeper
into this new server and my opinion is based upon the things I read on
the list. So this discussion is really helpful.

Just the point of a centralized server is a thing that is not good in
my opinion, but there should and will be a way to implement a
distributed system into this project. A synchronization mechanism has
to be well thought out, that's one point, but technically there are
some ways to implement a secure and stable mechanism to achieve
distribution. This is a point which should be considered.

Regards,
Dirk

-- 
Dirk Gottschalk

GPG: 4278 1FCA 035A 9A63 4166  CE11 7544 0AD9 4996 F380
Keybase: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac
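
The distribution policy discussed in this message (user IDs published only after email verification, non-identity data served regardless, search by exact address match), as an added sketch that is not part of the original post and is not the keyserver's own code. The class, its method names and the HMAC confirmation token are assumptions made for illustration, and the self-signature check on uploaded key material is left out.

```python
import hashlib
import hmac
import secrets

SAMPLE_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"  # constructed, not a real key


class KeyDirectory:
    """Toy model: identity data is published only after per-address consent."""

    def __init__(self):
        self._secret = secrets.token_bytes(32)  # server-side key for tokens
        self._keys = {}  # fingerprint -> material, claimed and published addresses

    def _token(self, fpr, email):
        # Hypothetical token format: bound to one (key, address) pair.
        msg = f"{fpr}\x00{email}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def upload(self, fpr, material, emails):
        """Anyone may upload. The returned {address: token} map stands in for
        the confirmation mails, which only each mailbox owner would receive."""
        entry = self._keys.setdefault(
            fpr, {"material": material, "claimed": set(), "published": set()})
        entry["claimed"].update(emails)
        return {e: self._token(fpr, e) for e in emails}

    def confirm(self, fpr, email, token):
        """Publish one address if the token mailed to that address is presented."""
        entry = self._keys.get(fpr)
        if entry is None or email not in entry["claimed"]:
            return False
        if not hmac.compare_digest(token, self._token(fpr, email)):
            return False
        entry["published"].add(email)
        return True

    def by_fingerprint(self, fpr):
        """Non-identity data is always served; addresses only once confirmed."""
        entry = self._keys.get(fpr)
        if entry is None:
            return None
        return {"material": entry["material"], "emails": sorted(entry["published"])}

    def by_email(self, email):
        """Exact-match search over confirmed addresses only."""
        return sorted(f for f, e in self._keys.items() if email in e["published"])
```

In this model an upload from a third party leaves the key reachable by fingerprint but never by address, because the token goes to the mailbox rather than to the uploader.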

