Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification]

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 01 April 2015 20:12 UTC

From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/I6cP6VLPg_UhsT7EmBXrm-DsjkY>
Cc: Christoph Anton Mitterer <calestyo@scientia.net>, Brian Sniffen <bsniffen@akamai.com>, IETF OpenPGP <openpgp@ietf.org>

On Wed, Apr 1, 2015 at 4:04 PM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
> On Wed 2015-04-01 14:56:16 -0400, Phillip Hallam-Baker wrote:
>> The property we want to get from enrolling the endorsement in a log is
>> to fix it in time. So we enroll the hash in the log rather than the
>> endorsement itself.
>
> It sounds to me like what you're aiming for with the log is to make a
> first-come, first-served arrangement, maybe as a way to distinguish the
> "correct" original key from some latecomer spoof that tries to usurp it.
> Is that correct?  (this is quite different from the goals of CT, as far
> as i understand it)
>
> If FCFS is your goal, how does a user of this scheme considering
> multiple keys for e-mail address alice@example.com distinguish the
> inevitable legitimate transitions from the would-be usurper?
>
> Some examples of legitimate transitions:
>
>  * Alice loses her personal root key due to fire/theft/flood/whatever
>
>  * Example Corp. closes down, the example.com domain name goes up for
>    sale, and the new owner is a different Alice.
>
> (this is getting pretty far afield of openpgp at this point, i think, so
> i'm happy to take this discussion someplace else (therightkey?) if you
> prefer).

Yeah we could go to RightKey.

But I am not arguing for first come, first served. I am arguing that the
age of an endorsement is significant. An attacker can easily set up an
endorsement cartel with 100 people signing each other's keys. But they
can't backdate the endorsements to ten years before they decided they
needed them.
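
Added example, not part of the original message or of any OpenPGP implementation: a sketch of how enrolling only the hash of an endorsement in an append-only log fixes it in time, so that an endorsement created later cannot be made to look older than a log head a verifier has already seen. The thread does not specify a log structure; the simple hash chain, the function names and the sample data are assumptions made for illustration.

```python
import hashlib

GENESIS = hashlib.sha256(b"genesis").digest()

def leaf(timestamp: int, endorsement_hash: bytes) -> bytes:
    return timestamp.to_bytes(8, "big") + endorsement_hash

def chain_head(entries, size=None):
    """Head after the first `size` entries; each head commits to all earlier ones."""
    head = GENESIS
    for ts, digest in entries[:size]:
        head = hashlib.sha256(head + leaf(ts, digest)).digest()
    return head

def enroll(entries, timestamp: int, endorsement: bytes) -> int:
    """Log only the hash of the endorsement, not the endorsement itself."""
    entries.append((timestamp, hashlib.sha256(endorsement).digest()))
    return len(entries) - 1

def predates_witness(entries, index, endorsement, witnessed_size, witnessed_head):
    """True only if the endorsement sits inside the prefix a verifier witnessed
    earlier and that prefix still hashes to the head the verifier saved."""
    if index >= witnessed_size:
        return False  # enrolled after the witness: cannot claim the earlier age
    if entries[index][1] != hashlib.sha256(endorsement).digest():
        return False  # presented endorsement is not the one that was logged
    return chain_head(entries, witnessed_size) == witnessed_head

def demo():
    log = []  # constructed sample data throughout
    old = b"Bob endorses Alice's key (constructed sample)"
    i_old = enroll(log, 1112313600, old)
    enroll(log, 1120000000, b"unrelated endorsement (constructed sample)")
    witnessed_size, witnessed_head = len(log), chain_head(log)  # verifier saves this

    # Years later, a cartel endorsement is appended with a backdated timestamp.
    cartel = b"Cartel member endorses cartel key (constructed sample)"
    i_late = enroll(log, 1112313600, cartel)
    appended = predates_witness(log, i_late, cartel, witnessed_size, witnessed_head)

    # Or the log is rewritten to splice the cartel entry in ahead of the old one.
    forged = [(1100000000, hashlib.sha256(cartel).digest())] + log[:2]
    spliced = predates_witness(forged, 0, cartel, witnessed_size, witnessed_head)

    genuine = predates_witness(log, i_old, old, witnessed_size, witnessed_head)
    return genuine, appended, spliced

if __name__ == "__main__":
    print(demo())
```

The timestamp written into an entry proves nothing on its own; the age claim rests on the entry's position relative to a head that an independent party recorded at the time.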