Re: [openpgp] OpenPGP private certification

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 08 April 2015 18:29 UTC

To: Christoph Anton Mitterer <calestyo@scientia.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/rFK8jsii0dxaX4pztKwWzJvyXN0>
Cc: IETF OpenPGP <openpgp@ietf.org>

On Wed, Apr 8, 2015 at 2:05 PM, Christoph Anton Mitterer
<calestyo@scientia.net> wrote:
> On Wed, 2015-04-08 at 10:15 -0400, Phillip Hallam-Baker wrote:
>> Personally, I believe that owning your personal DNS name is as
>> important for security as having a keypair.
> Why should it give you any security?

Same reason that backing up your files is the number one security
priority: security means being able to assess and control risks to
your assets. Confidentiality is only one concern and one that is
fairly low down. Integrity is almost always more important.

If I invest in hallam@gmail.com then I am making myself vulnerable to
a change of policy. I have little choice but to pay if they decide to
start charging $50/month.

>> I have a huge part of my
>> brand invested in hallam@gmail.com which I don't own. Which is why I
>> switched to phill@hallambaker.com for ietf work. But I have yet to win
>> that argument.
> It only gives you that some company cannot easily take away your mail
> address, but OTOH it's probably an illusion to believe that your own
> domain name protects you much more from this.
>
> See cases like the German person called "Shell", who had shell.de and
> guess who has it now.

Which is one reason I don't trust ICANN's vision of DNSSEC.

But still, security is risk control and not risk elimination -
something I have been saying for over 20 years now.


>> I really don't like having ICANN as my root CA either. DNSSEC is a
>> monolithic, single rooted scheme which I don't consider very
>> trustworthy because of that.
> Sure, it has similar problems like the X.509 PKI, just on a less extreme
> scale.

It trades one set of problems for another.

> But no one should try to impose a strict hierarchical trust model on
> OpenPGP anyway. So I don't think it's a particularly good idea to
> somehow combine OpenPGP with DNS/DNSSEC/DANE.

I think there are ways to combine PGP ideas with DNS and DNSSEC in a
useful manner, DANE is not one of them.

The approach I have been using most recently is an extension of the
.onion idea. But instead of making a key fingerprint a subdomain, I
make it the root.


So example.com.<fingerprint> becomes an assertion 'the names in
example.com as controlled by a valid, current security policy signed
by a key matching <fingerprint>'.

Now that is an approach I can tie servers to in admin files.
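
An added example, not part of the original message and not the author's code: a sketch of how a client could check a name of the form example.com.<fingerprint> taken from an admin file. The fingerprint encoding (SHA-256 of the key bytes, base32, lowercase), the `Policy` fields and the result strings are all assumptions made for illustration; verifying the signature on the policy itself is assumed to have been done by the caller with an OpenPGP library.

```python
import base64
import hashlib
from dataclasses import dataclass
from datetime import datetime

FP_LEN = 52  # base32 length of a SHA-256 digest without padding (assumed encoding)

def fingerprint(public_key: bytes) -> str:
    """Assumed fingerprint: SHA-256 of the key bytes, base32, lowercase, unpadded."""
    digest = hashlib.sha256(public_key).digest()
    return base64.b32encode(digest).decode("ascii").rstrip("=").lower()

@dataclass
class Policy:
    """Hypothetical security policy whose signature the caller already verified."""
    zone: str             # names the policy speaks for, e.g. "example.com"
    not_before: datetime
    not_after: datetime
    signer_key: bytes     # public key that produced the verified signature

def split_pinned_name(name: str) -> tuple[str, str]:
    """'www.example.com.<fp>' -> ('www.example.com', '<fp>'); the fingerprint is the root label."""
    dns_name, sep, fp = name.rstrip(".").lower().rpartition(".")
    if not sep or not dns_name or len(fp) != FP_LEN:
        raise ValueError("name does not end in a fingerprint label")
    return dns_name, fp

def check_pinned_name(name: str, policy: Policy, now: datetime) -> str:
    """Decide whether `policy` backs the assertion made by the pinned name."""
    dns_name, fp = split_pinned_name(name)
    # The rightmost label pins the signing key, so a policy signed by any
    # other key is rejected even if it is otherwise well formed.
    if fp != fingerprint(policy.signer_key):
        return "key-mismatch"
    # "valid, current": the policy must be inside its validity window.
    if not (policy.not_before <= now <= policy.not_after):
        return "policy-not-current"
    # The policy only speaks for its own zone and names beneath it.
    zone = policy.zone.lower().rstrip(".")
    if dns_name != zone and not dns_name.endswith("." + zone):
        return "name-outside-policy"
    return "ok"

if __name__ == "__main__":
    key = b"constructed-demo-public-key"  # constructed sample, not a real key
    pol = Policy("example.com", datetime(2015, 1, 1), datetime(2016, 1, 1), key)
    pinned = "www.example.com." + fingerprint(key)
    print(pinned, "->", check_pinned_name(pinned, pol, datetime(2015, 4, 8)))
```
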