Re: [openpgp] OpenPGP private certification

[Christoph Anton Mitterer <calestyo@scientia.net>]

On Wed, 2015-04-08 at 14:29 -0400, Phillip Hallam-Baker wrote: 
> > Why should it give you any security?
> Same reason that backing up your files is the number one security
> priority: security means being able to assess and control risks to
> your assets. Confidentiality is only one concern and one that is
> fairly low down. Integrity is almost always more important.
I don't think that either you or me can decide which of the aspects of
"data security" is most important to a user.
It completely depends on the usage scenario and for some integrity may
be actually less important.

But in terms of our discussions here we probably mostly deal with
confidentiality, integrity and authenticity.
And I can't see how a own domain name helps here.


> If I invest in hallam@gmail.com then I am making myself vulnerable to
> a change of policy. I have little choice but to pay if they decide to
> start charging $50/month.
Sure, but it doesn't improve your confidentiality, integrity and authenticity.
Just make a new UID with another address, publish it, bon.

> >> I have a huge part of my
> >> brand invested in hallam@gmail.com which I don't own. Which is why I
> >> switched to phill@hallambaker.com for ietf work. But I have yet to win
> >> that argument.
> > It only gives you that some company cannot easily take away your mail
> > address, but OTOH it's probably an illusion to believe that your own
> > domain name protects you much more from this.
> >
> > See cases like the German person called "Shell", who had shell.de and
> > guess who has it now.
> 
> Which is one reason I don't trust ICANN's vision of DNSSEC.
Well but that has happened before DNSSEC, it's more a problem of DNS
itself or rather of courts being able to rule about the cyberspace.

> > Sure, it has similar problems like the X.509 PKI, just on a less extreme
> > scale.
> If trades one set of problems for another.
Which problems would it have that X.509 PKI wouldn't have?


> So example.com.<fingerprint> becomes an assertion 'the names in
> example.com as controlled by a valid, current security policy signed
> by  a key matching <fingerprint>.
Uhm that probably only works when you chain als signatures of the
respective domain (i.e. NSEC instead of NSEC3), right?

But to me this isn't a integration of DNS into OpenPGP, like in the
sense of using DNS to implement a certain trust model (yes Werner, trust
models are not part of OpenPGP ;-P)
It's vice versa an integration of OpenPGP into DNS,... which is IMHO
again totally fine (at least per se and form the OpenPGP PoV).


> Now that is an approach I can tie servers to in admin files.
AFAIU, you basically just tried to secure your zones via DNSSEC and
OpenPGP, right?
I think that approach is unnecessarily complex, since AFAIU it requires
to fully walk through the zone.
Why don't you just use the openpgp key to sign the DNSKEY RRs (+put the
result in some special RR) and validate that in your resolver before
making any further use of DNSSEC?
Of course, for that being really secure, you'd need to tell your
resolver which domains he should expect to be signed that way, just
relying on the presence of the RR that holds the signature is obviously
not enough (blocking attacks)... and relying on DNSSEC for that
obviously defeats the purpose.
Signatures must obviously also use expiration times.

Also, the method of just adding the fingerprint as an indicator smells
very strong like "replay and downgrade attacks".


Cheers,
Chris.