Re: pgp signing in van
John C Klensin <john-ietf@jck.com> Sun, 08 September 2013 19:13 UTC
Date: Sun, 08 Sep 2013 15:13:39 -0400
From: John C Klensin <john-ietf@jck.com>
To: Melinda Shore <melinda.shore@gmail.com>, ietf@ietf.org
Subject: Re: pgp signing in van

--On Friday, September 06, 2013 19:50 -0800 Melinda Shore <melinda.shore@gmail.com> wrote:

> On 9/6/13 7:45 PM, Scott Kitterman wrote:
>> They have different problems, but are inherently less
>> reliable than web of trust GPG signing. It doesn't scale
>> well, but when done in a defined context for defined
>> purposes it works quite well. With external CAs you never
>> know what you get.
>
> Vast numbers of bits can be and have been spent on the problems
> with PKI and on vulnerabilities around CAs (and the trust
> model). I am not arguing that PKI is awesome. What I *am*
> arguing is that the semantics of the trust assertions are
> pretty well-understood and agreed-upon, which is not the case
> with pgp. When someone signs someone else's pgp key you
> really don't know why, what the relationship is, what they
> thought they were attesting to, etc.

I think you are both making more of a distinction than exists, modulo the scaling problem with web of trust and something the community has done to itself with CAs.

The web of trust scaling issue is well-known and has been discussed repetitively. But the assumption about CAs has always been, more or less, that they can all be trusted equally and that one that couldn't be trusted would and could be held accountable. Things just haven't worked out that way with the net result that, as with PGP, it is hard to deduce "why, what the relationship is, what they thought they were attesting to", and so on. While those statements are in the certs or pointed to from them in many cases, there is the immediate second-level problem of whether those assertions can be trusted and what they mean. For example, if what a cert means is "passed some test for owning a domain name", it and DANE are, as far as I can tell, identical except for the details of the test ... and some are going to be a lot better for some domains and registrars than others.

Assorted vendors have certainly made the situation worse by incorporating CA root certificates in systems based on business relationships (or worse) rather than on well-founded beliefs about trust.

On the CA side, one of the things I think is needed is a rating system (or collection of them on a "pick the rating service you trust" basis) for CAs, with an obvious extension to PGP-ish key signers. In itself, that isn't a problem with which the IETF can help. Where I think the IETF and implementer communities have fallen down is in not providing a framework that would both encourage rating systems and tools and make them accessible to users.

In our current environment, everything is binary in a world in which issues like trust in a certifier are scaled and multidimensional. As Joe pointed out, we don't use even what information is available in PGP levels of confidence and X.509 assertions about strength. In the real world, we trust people and institutions in different ways for different purposes -- I'll trust someone to work on my car, even the safety systems, whom I wouldn't trust to do my banking... and I wouldn't want my banker anywhere near my brakes. In both cases, I'm probably more interested in institutional roles and experience than I am in whether a key (or signature on paper) binds to a hard identity. In some cases, binding a key to persistence is more important than binding it to actual identity; in others, not. I trust my sister in most things, but wouldn't want her as a certifier because I know she doesn't have sufficient clues about managing keys. And the amount of authentication of identity I think I need differs with circumstances and uses too.

We haven't designed the data structures and interfaces to make it feasible for a casual user to incorporate judgments -- her own or those of someone she trusts -- to edit the CA lists that are handed to her, or a PGP keyring she has constructed, and assign conditions to them. Nor have we specified the interface support that would make it easy for a user to set up and get, e.g., warnings about low-quality certification (or keys linked to domains or registrars that are known to be sloppy or worse) when one is about to use them for some high-value purpose. We have web of trust and rating models (including PICS, which illustrates some of the difficulties with these sorts of things) for web pages and the like, but can't manage them for the keys and certs that are arguably more important.

So, anyone ready to step up rather than just lamenting the state of the world?

    best,
    john
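
Added illustration, not part of the original message or of any IETF specification: a minimal sketch of the non-binary trust policy the message argues for, where a certifier is scored on several dimensions by a rating service the user picks, the user's own judgments override those scores, and warnings depend on the purpose of use. Every name, dimension, score and threshold below is a constructed assumption.

```python
# Constructed ratings: service -> certifier -> dimension -> score in [0, 1].
RATINGS = {
    "rater-A": {
        "Example Root CA": {"identity": 0.9, "key_mgmt": 0.9, "persistence": 0.7},
        "Domain-Check CA": {"identity": 0.3, "key_mgmt": 0.8, "persistence": 0.4},
    },
}

# What each use requires, per dimension (hypothetical thresholds).
PURPOSES = {
    "banking": {"identity": 0.8, "key_mgmt": 0.8},   # high-value use
    "list-mail": {"persistence": 0.4},               # same holder over time is enough
}


class TrustPolicy:
    """Per-user view of certifiers: chosen rating service plus personal overrides."""

    def __init__(self, ratings, service, overrides=None):
        self.ratings = ratings
        self.service = service            # the rating service this user chose
        self.overrides = overrides or {}  # the user's own judgments take precedence

    def scores(self, certifier):
        # Start from the rating service's scores, then apply the user's overrides.
        base = dict(self.ratings.get(self.service, {}).get(certifier, {}))
        base.update(self.overrides.get(certifier, {}))
        return base

    def warnings(self, certifier, purpose):
        """List every dimension where the certifier falls short for this purpose."""
        have = self.scores(certifier)
        out = []
        for dim, need in PURPOSES[purpose].items():
            got = have.get(dim)
            if got is None:
                # An unrated dimension is reported, never silently trusted.
                out.append(f"{certifier}: no {dim} rating for {purpose}")
            elif got < need:
                out.append(f"{certifier}: {dim} {got} < {need} for {purpose}")
        return out


# A user who rates a family member's key signing herself (constructed values).
policy = TrustPolicy(
    RATINGS, "rater-A",
    overrides={"Family key signer": {"identity": 0.9, "key_mgmt": 0.1}},
)

if __name__ == "__main__":
    for who in ("Example Root CA", "Domain-Check CA", "Family key signer"):
        for purpose in PURPOSES:
            print(who, purpose, policy.warnings(who, purpose) or "ok")
```

The same certifier can be acceptable for one purpose and flagged for another, which a single trusted/untrusted root list cannot express.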