Re: [openpgp] Modelling an abuse-resistant OpenPGP keyserver
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 15 April 2019 17:44 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF9B41200E6 for <openpgp@ietfa.amsl.com>; Mon, 15 Apr 2019 10:44:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=lpYe7izN; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=bTIbuSNc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QoDvUgdGEugD for <openpgp@ietfa.amsl.com>; Mon, 15 Apr 2019 10:44:17 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EBFE1200D7 for <openpgp@ietf.org>; Mon, 15 Apr 2019 10:44:17 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1555350256; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=iP7BBhe60ORDKfPSFUgG4opgfFHrrtZnefcnJzsy1Ms=; b=lpYe7izNFpyE/waYCNK5/IxrRDNew089nvdTaJjxixuZpiw4vMkYdT9D 1RTjD9eJuU90Fwst7AuL7cHueJ6GDw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1555350256; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=iP7BBhe60ORDKfPSFUgG4opgfFHrrtZnefcnJzsy1Ms=; b=bTIbuSNcZ9TsNyUjEuUbCk5KNahl8UlxtM/pH/amzwiQ/k0nbPVQizkV eFVid5+PFzeTfW43OVjnN+NioSBbksvsqBxuyCfhveI7AXDh6trpJQ/vS7 YK0xRTDxtxFD5wd8/4CBc5VBf284Cn/n3AQnjxCK/rDQ9FVycenMla7ezd 2W3vu+jt2Cdztoa9jrVjdYian55FJIsqVx4Ng02nDrRSsW6P9ARl19f8/e FDFRrK3/r8BF6ExrJpy0Vv98bx/zygXN3VhzQ4+HqEBXrGv5t5GF5VpuSv 08LTPSjn1D+cEhcw2dXQ74Ja/0PYdxRPrUwcLZucTdxR48stU916Iw==
Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 9D277F99D; Mon, 15 Apr 2019 13:44:15 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 33FC6201BC; Mon, 15 Apr 2019 13:44:09 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Micah Lee <micah.lee@theintercept.com>, openpgp@ietf.org, Phil Pennock <ietf-phil-openpgp@spodhuis.org>, SKS development list <sks-devel@nongnu.org>
In-Reply-To: <87h8az5hth.fsf@fifthhorseman.net>, <87a7gr5gvc.fsf@fifthhorseman.net>
References: <87v9zt2y2d.fsf@fifthhorseman.net> <8736mu350z.fsf@fifthhorseman.net> <2885d227-9dc4-c393-d259-fcbfd52a5c71@theintercept.com> <87a7gr5gvc.fsf@fifthhorseman.net>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Mon, 15 Apr 2019 13:44:08 -0400
Message-ID: <8736mj5fkn.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/mqq2ZpZ_fGvm7UOOMpDuC3PT31I>
Subject: Re: [openpgp] Modelling an abuse-resistant OpenPGP keyserver
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2019 17:44:25 -0000
On Mon 2019-04-15 13:16:07 -0400, Daniel Kahn Gillmor wrote: > I've labeled the abuse-detection action you're describing as "identity > monitoring" in draft -03. […] > This is a useful insight, and i've tried to document it in -03 as well. > I welcome text to improve it. On Mon 2019-04-15 12:55:38 -0400, Daniel Kahn Gillmor wrote: > In -03, I've put Yaron and Kristian ahead of your name there, […] > i've tried to describe your concerns in the "toxic data" section of > draft -03. I welcome further discussion on it. Sigh. Please excuse the typos, these should all read -02, not -03. draft -03 does not exist yet. I've just published draft -02, which is available at the usual places: https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-02 https://gitlab.com/dkg/draft-openpgp-abuse-resistant-keystore substantive changes between -01 and -02: * distinguish different forms of flooding attack * distinguish toxic data as distinct from flooding * retrieval-time mitigations * user ID redaction * references to related work (CT, keylist, CONIKS, key transparency, ledgers/"blockchain", etc) * more details about UI/UX The full text of the Markdown source for -02 is attached. I welcome feedback and edits! --dkg
- [openpgp] Modelling an abuse-resistant OpenPGP ke… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Peter Gutmann
- Re: [openpgp] [Sks-devel] Modelling an abuse-resi… Kiss Gabor (Bitman)
- Re: [openpgp] [Sks-devel] Modelling an abuse-resi… Wiktor Kwapisiewicz
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Jonathan McDowell
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Micah Lee
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Phil Pennock
- Re: [openpgp] Modelling an abuse-resistant OpenPG… ilf
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… ilf
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… ilf
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor
- Re: [openpgp] Modelling an abuse-resistant OpenPG… Daniel Kahn Gillmor