Re: pgp signing in van

Ted Lemon <ted.lemon@nominum.com> Sat, 07 September 2013 00:10 UTC

Subject: Re: pgp signing in van
From: Ted Lemon <ted.lemon@nominum.com>
In-Reply-To: <522A5A45.7020208@isi.edu>
Date: Fri, 06 Sep 2013 20:10:14 -0400
Message-ID: <CA2A6416-7168-480A-8CE1-FB1EB6290C77@nominum.com>
References: <m2zjrq22wp.wl%randy@psg.com> <2309.1378487864@sandelman.ca> <522A5A45.7020208@isi.edu>
To: Joe Touch <touch@isi.edu>
Cc: Michael Richardson <mcr@sandelman.ca>, IETF Disgust <ietf@ietf.org>

On Sep 6, 2013, at 6:42 PM, Joe Touch <touch@isi.edu> wrote:
> I've noted elsewhere that the current typical key-signing party methods are very weak. You should sign only the keys of those who you know well enough to claim you can attest to their identity.

This is a ridiculously high bar. The bar should be about at the level of a Facebook friend request. The PGP key signing model of attesting to legal identities is solving the wrong problem. But you are right that we can't require this sort of thing in order for people to participate in the IETF.