get OpenPGP pubkeys authenticated using German personal ID

[Bernd Naumann]

/* I don't know how to reply to a previous thread, which predates my
joining on the list. That's why I'm starting a new one. */


I want to share my experience with that service, and have a general
question or two regarding the web-of-trust model.

First: I'm impressed. It (more or less) just works...
...with a GNU/Linux desktop. In Germany! ;) I would have not expected
that, to be honest.

(I have a german ID card (BPA) with the "ePA"-function enabled...)

On an Arch GNU/Linux PC, using Firefox, and with the AusweisApp2 via
flatpak, and an Android phone with the AusweisApp2 from the Google Play
Store, the "remote access" -- using the phone as an NFC card reader --
just worked without issues. IF you just follow the instructions and read
before you click... as always and often.

Procedure is easy and fast-forward:
start the AusweisApp2 on both devices; and start the remote access;
goto the website and start the process;
proof your identity with the ePA;
upload your key; select a uid;
get the mail.
Repeat if you have more the one uid...


Regarding the criticism from Andrew Gallagher on 1 Jun 2023, at 12:23:
> This is not best practice. Normally when email verification is being
performed, the gated action (such as certification, account creation
etc.) is not done until after a (time-bound!) challenge/response
succeeds. This places too much emphasis on verification of the
(non-unique) “real name” component of the UserID, and not enough on the
machine-readable email address.
>
> This opens up more fundamental questions about the meaning of
signatures over RFC822 UserIDs - do they validate the “real name”, the
email address, or some combination of the two? For example, an
email-validating CA may only check the email address part, treating the
“real name” as little more than a comment; while Governikus appear to be
doing it the other way around. It is of course up to the receiver to
decide how to interpret signatures, but it only compounds the problem
when not only is the signer’s trustworthiness in question, but also
their intent. How do you interpret the validity of a claim when it’s not
even clear what the claim is?


If a person, say "Max Mustermann", generates a PGP key with the uid "Max
Mustermann <olaf.scholz at bundestag.de>"; yes I assume Governikus would
still sign the key, because the Real Name corresponds,
but isn't this signature totally worthless? Because:
Max will probably never get the mail with the signature.
And Olaf has now the signed public key, but he is missing the secret
key. Or not? So is this really an /practical/ issue?
(I want to exclude I'm do not overseeing, or missing something out.)


Another related question:

If we can attest, that the ePA is somehow secure and can not be forged,
then the validation of the identity is pretty good, or not?
/* At least it's far better then a passport validation done by
unqualified personal. If I attend the cryptoparty at FOSDEM, I'm pretty
sure I would not be able to tell if this Italian or French passport is
real or not. */

And a last one:
Why shouldn't I give Governikus (864E 8B95 1ECF C04A F2BB  233E 5E5C
CCB4 A4BF 43D7) a trust-signature with a depth of 2, so I can trust
signatures they made? I have not found such info or recommendation on
their website, but the use-case is probably present?

And btw: Are their any *public* OpenPGP CAs out their?
(Not openpgp-ca.org which you can selfhost and stuff, but rather an
entity checking and validating Person/ID/Key and so forth...)


Thanks and greetings,
Bernd