Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

Randy Bush <randy@psg.com> Wed, 23 September 2015 03:45 UTC

Date: Wed, 23 Sep 2015 09:44:57 +0600
Message-ID: <m2pp19ztmu.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Paul Wouters <paul@nohats.ca>
In-Reply-To: <alpine.LFD.2.20.1509211455150.420@bofh.nohats.ca> <BF1BD782-A76E-48B0-94B9-184431FE2B80@karoshi.com> <356DD678-92FD-4B7B-8204-B25B24CBF536@kitterman.com> <5600FC4D.9010904@alvestrand.no> <CAMm+Lwg2j_=NxE2zu8BPnC9CskpgxJUAGnqBukbs7=O81dZkVg@mail.gmail.com> <alpine.LFD.2.20.1509221108280.4663@bofh.nohats.ca>
References: <20150921172109.19893.qmail@ary.lan> <alpine.LFD.2.20.1509211455150.420@bofh.nohats.ca>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/RU9SX2Ir5q3Ln7zsBgTA1IOfooM>
Cc: ietf@ietf.org, dane WG list <dane@ietf.org>
Subject: Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

Paul Wouters wrote:

> Actually, most people I know never use the WoT. They only use keys
> obtained directly from the person they want to exchange encrypted email
> with.

this is not my experience

it will be a long time before i trust a dane/dnssec identity binding
over pgp's.

At Mon, 21 Sep 2015 16:24:10 -0700, Bill Manning wrote:

> I think Paul nails it, at least for the more aware folks around.
> Using the WoT to gauge anything other than confidence in choice of
> friends/associates is asking for trouble.

i think bill nails it.  trust in identity is what it is about for me.
i am communicating with a person, not a dns or smtp server; the latter
are agents, and ones which have failed repeatedly over the decades.

using one hierarchy to reinforce the weaknesses of another may increase
reliability (or fragility), which is good.  it does not increase trust
in identity.

At Mon, 21 Sep 2015 18:58:43 -0500, Scott Kitterman wrote:

> Personally, I've known people for years online, but would never sign
> someone's key without meeting them in person.

bingo!  and seeing a high level out of band assertion of identity such as
a passport.

At Tue, 22 Sep 2015 08:59:25 +0200, Harald Tveit Alvestrand wrote:

> it's been obvious to me since the 90s that the hierarchical models of
> trust (CAs, corp signing authorities) are simply restricted webs of
> trust. So the WoT model is a more general one than the hierarchical one:
> you can represent hierarchy as a WoT (the user trusts the root keys,
> trust flows from there), but not vice versa.

bingo!

> I've been saddened by the crippled state of WoT-manipulating user
> interfaces since roughly forever.

but x.509 and dns end user tools are sooo much better :)

> I believe the Web of Trust has a great potential as a basis on which to
> represent many different trust policies. But the current state of tools
> to interrogate and update a trustdb according to those policies is
> simply not fit for the task.

the state of tools for the entire trust and identity ecosystem sucks.
and we are spending our time mucking below the waterline.  to a dns/dane
hammer, everything looks like a nail.  a solution looking for a problem.

At Tue, 22 Sep 2015 13:55:22 -0400, Phillip Hallam-Baker wrote:

> A few months back I realized that I had the criteria wrong. It is even
> tougher than 'do no harm'. To get people using strong crypto you have
> to do better than not making things any worse. You have to make life
> easier for the user.

'cept we're not doing that.  while i am still digging through your
latest, at least you're talking about some parts of the elephant that
i perceive.

At Tue, 22 Sep 2015 11:11:11 -0400 (EDT), Paul Wouters wrote:

> With DNS, you can remove the key from DNS without needing the private
> key or passphrase to it.

is this a feature or a bug?  good discussion in acme about having the
credentials to add/change/delete.  in current pgp, if you think you
may ever want to revoke, gen a revocation credential.

in all these worlds, you need credentials to change or negate; to do
otherwise is a big vulnerability.

randy
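Harald's claim above, that a CA hierarchy is just a restricted web of trust, modeled as an added example (not code from this thread or from GnuPG): a toy GnuPG-style key-validity calculator with constructed key names, where the X.509 hierarchy is simply a trust database in which only the root and the CAs it certified carry full owner trust, while the peer case needs no authority at all.

```python
"""Toy GnuPG-style key-validity calculator (simplified model, not GnuPG's
code). A key is valid when it is the user's own key, is signed by a valid key
whose owner is fully trusted, or is signed by MARGINALS_NEEDED valid keys whose
owners are marginally trusted, within MAX_CERT_DEPTH hops of the user's key."""

MARGINALS_NEEDED = 3   # GnuPG's default --marginals-needed
MAX_CERT_DEPTH = 5     # GnuPG's default --max-cert-depth


def compute_validity(own_key, owner_trust, signatures):
    """owner_trust: {key: 'full' | 'marginal'} (absent means no trust).
    signatures: {signed_key: set of signer keys}. Returns the valid keys."""
    valid, depth = {own_key}, {own_key: 0}
    changed = True
    while changed:                      # iterate until no new key validates
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            full = [s for s in signers if s in valid and owner_trust.get(s) == 'full']
            marg = [s for s in signers if s in valid and owner_trust.get(s) == 'marginal']
            introducers = full or (marg if len(marg) >= MARGINALS_NEEDED else [])
            if not introducers:
                continue
            d = min(depth[s] for s in introducers) + 1
            if d > MAX_CERT_DEPTH:      # too far from the user's own key
                continue
            valid.add(key)
            depth[key] = d
            changed = True
    return valid


def hierarchical_pki():
    """X.509-style hierarchy as a WoT: the user signs the root and grants full
    owner trust only to the root and its CAs; validity flows down to
    end-entity keys. A chain from an untrusted CA stays invalid. Names constructed."""
    owner_trust = {'me': 'full', 'root': 'full', 'ca-a': 'full', 'ca-b': 'full'}
    signatures = {'root': {'me'}, 'ca-a': {'root'}, 'ca-b': {'root'},
                  'alice': {'ca-a'}, 'bob': {'ca-b'},
                  'rogue-ca': set(), 'mallory': {'rogue-ca'}}
    return compute_validity('me', owner_trust, signatures)


def peer_wot():
    """The general case a hierarchy cannot express: three marginally trusted
    peers jointly vouch for dave, but one alone cannot vouch for evan."""
    owner_trust = {'me': 'full', 'alice': 'marginal', 'bob': 'marginal',
                   'carol': 'marginal'}
    signatures = {'alice': {'me'}, 'bob': {'me'}, 'carol': {'me'},
                  'dave': {'alice', 'bob', 'carol'}, 'evan': {'alice'}}
    return compute_validity('me', owner_trust, signatures)
```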