Re: [openpgp] OpenPGP private certification

Christoph Anton Mitterer <calestyo@scientia.net> Wed, 08 April 2015 13:33 UTC

On Wed, 2015-04-08 at 09:23 -0400, Phillip Hallam-Baker wrote: 
> > Crypto is not an iPhone.
> Mine is.
Believing that you're secure with a proprietary-driven system, from a
company which is known to have worked with mass surveillance
organisations (and if it's just because they were forced to by law), is
naive - at best.


> > Removing a key (and its associated information like revocations or other
> > signatures) from the keyservers is generally a break of security, as it
> > allows for blocking or similar attacks.
> > An attacker could make a valid key removed just by blocking keys that
> > haven't been "renewed".
> 
> And what is to stop someone maliciously loading up a broken key or an
> entirely fraudulent key?
Nothing, but neither would these be trusted nor has it anything to do
with the security breaches that arise from removing data from the
keyservers.


> I don't think that you can make a good case for circulating bad data
> in case it might be good.
A key and associated information doesn't become "bad" just because the
user didn't "renew" it.
We have explicit mechanisms for users to mark their keys as no longer
usable, either by revocation signatures or by giving them an expiration
date. Both methods leave the decision in the hands of the user and don't
place it into the hands of potentially evil other parties.

And if with "bad data" you mean corrupted keys in the sense of broken
uploads or the like, then this is obviously something different.
Such a key would immediately be ruled out and not because someone decided
that it suddenly doesn't match some criteria anymore.

Regardless of how you put it, removal of valid keys (valid in the sense
of "conforming to the OpenPGP format") is a break of security.


C.