Re: [openpgp] OpenPGP private certification

Christoph Anton Mitterer <calestyo@scientia.net> Wed, 08 April 2015 18:05 UTC

Return-Path: <calestyo@scientia.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38B0F1A8912 for <openpgp@ietfa.amsl.com>; Wed, 8 Apr 2015 11:05:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W3mlGu5Wr9no for <openpgp@ietfa.amsl.com>; Wed, 8 Apr 2015 11:05:17 -0700 (PDT)
Received: from mailgw02.dd24.net (mailgw-02.dd24.net [193.46.215.43]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C48DE1A8905 for <openpgp@ietf.org>; Wed, 8 Apr 2015 11:05:12 -0700 (PDT)
Received: from mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-02.live.igb.homer.key-systems.net [192.168.1.27]) by mailgw02.dd24.net (Postfix) with ESMTP id A15525FB0C for <openpgp@ietf.org>; Wed, 8 Apr 2015 18:05:11 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mailpolicy-02.live.igb.homer.key-systems.net
Received: from mailgw02.dd24.net ([192.168.1.36]) by mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-02.live.igb.homer.key-systems.net [192.168.1.25]) (amavisd-new, port 10236) with ESMTP id tV8afm2wRO1w for <openpgp@ietf.org>; Wed, 8 Apr 2015 18:05:06 +0000 (UTC)
Received: from heisenberg.fritz.box (ppp-188-174-180-118.dynamic.mnet-online.de [188.174.180.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailgw02.dd24.net (Postfix) with ESMTPSA for <openpgp@ietf.org>; Wed, 8 Apr 2015 18:05:06 +0000 (UTC)
Message-ID: <1428516305.5137.36.camel@scientia.net>
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: openpgp@ietf.org
Date: Wed, 08 Apr 2015 20:05:05 +0200
In-Reply-To: <CAMm+Lwiq71ToxKwPgLPKhGvPCC5QRjeVeV+V8yOiG+e91JYmhQ@mail.gmail.com>
References: <CAA7UWsUz65C0GAQo8Yf7ZOeT9BYy+NLV5pbbPg+Ok0-72ca1eA@mail.gmail.com> <1426721882.4249.72.camel@scientia.net> <5510578A.80304@iang.org> <1427140788.10191.75.camel@scientia.net> <5510B7CF.8060308@iang.org> <1427168189.10191.241.camel@scientia.net> <5511FE82.6010807@iang.org> <1427243451.10191.375.camel@scientia.net> <5512F137.80702@iang.org> <CAHBU6isgirHnx+gHP+OiHuvhzD+1OTCShCHEkhWcqEmUn9qnzQ@mail.gmail.com> <CAMm+LwiXKf1DvgbHaZoJnKdCVbak-jderv6Z8KDs9xPEbUuYQQ@mail.gmail.com> <1427343948.23692.14.camel@scientia.net> <CAMm+Lwi5bVTujuazTXw7oRty7n5RtsObEfNrJzmbtPiOb-X25g@mail.gmail.com> <m27fu3fsom.fsf@usma1mc-0csx92.kendall.corp.akamai.com> <CAMm+LwjBuZfP4NwRCy23_d9eRtcfUiLKdyZOu+jYT72HfB0g9g@mail.gmail.com> <87vbhlt8tg.fsf@alice.fifthhorseman.net> <CAMm+Lwjo5eyCHNahqWcwUBoaevCw2s3WAeq-2=maW=JEpCFWxA@mail.gmail.com> <sjmvbheioxv.fsf@securerf.ihtfp.org> <CAMm+Lwi4zsnQoX0R0CRbmDceLKi8B3ipHnBvSqNgo8FA8UYh3w@mail.gmail.com> <87mw2i28nr.fsf@vigenere.g10code.de> <CAMm+Lwief440=CdrQrjma1qrFHJYKTZAM5gZ1N9mMVikFvDzSw@mail.gmail.com> <87vbh6zqsy.fsf@vigenere.g10code.de> <CAMm+Lwiq71ToxKwPgLPKhGvPCC5QRjeVeV+V8yOiG+e91JYmhQ@mail.gmail.com>
Content-Type: multipart/signed; micalg="sha-512"; protocol="application/x-pkcs7-signature"; boundary="=-XVJRqgUsCy7CETosEhvY"
X-Mailer: Evolution 3.12.9-1+b1
Mime-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/yKTq9Da8M6Wpn4V8_EFchJ6d2QM>
Subject: Re: [openpgp] OpenPGP private certification
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2015 18:05:19 -0000

On Wed, 2015-04-08 at 10:15 -0400, Phillip Hallam-Baker wrote: 
> Personally, I believe that owning your personal DNS name is as
> important for security as having a keypair.
Why should it give you any security?

> I have a huge part of my
> brand invested in hallam@gmail.com which I don't own. Which is why I
> switched to phill@hallambaker.com for ietf work. But I have yet to win
> that argument.
It only gives you that some company cannot easily take away your mail
address, but OTOH it's probably an illusion to believe that your own
domain name protects you much more from this.

See cases like the German person called "Shell", who had shell.de and
guess who has it now.


> I really don't like having ICANN as my root CA either. DNSSEC is a
> monolithic, single rooted scheme which I don't consider very
> trustworthy because of that.
Sure, it has similar problems to the X.509 PKI, just on a less extreme
scale.
But no one should try to impose a strict hierarchical trust model on
OpenPGP anyway. So I don't think it's a particularly good idea to
somehow combine OpenPGP with DNS/DNSSEC/DANE.

If at all, that would mostly only be interesting for securing TOFU-like
systems at least a tiny bit - but OTOH, we shouldn't follow TOFU; it's
basically a big lie, as I pointed out in a recent lengthy thread on one
of the gnupg mailing lists.


> We do need trust hierarchies for key management. But each individual
> should be the root of their personal hierarchy.
+1


> I don't think anyone has signature validation done right today. All
> signatures are broken unless they are enrolled in an append-only log.
> To verify a signature, you need to go back in time to the point where
> the signature was created and check the signature in that time
> context.
I don't get the point here. At least it doesn't sound like anything
within the responsibility of the crypto system, rather something for
higher-level programs.


Cheers,
Chris.
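The quoted point about checking a signature "in the time context" it was created in, worked through as an added illustration that is not part of the thread and not code from any OpenPGP implementation. It goes slightly beyond the quoted text by adding the append-only log as a hash chain, so that the log operator's timestamp, rather than the signer's self-asserted creation time, is what proves a signature predates a revocation. The key-lifecycle rules follow RFC 4880 section 5.2.3.23 (a compromise taints every signature; a superseded or retired key only invalidates signatures made after the revocation); Ed25519 from Go's standard library stands in for the OpenPGP signature packet, and the type names, error names, log layout and helper `day` are assumptions made for this example.

```go
// Added illustration, not code from the thread or from any OpenPGP
// implementation: verifying a signature "in its time context", with a
// hash-chained append-only log corroborating when the signature existed.
// Lifecycle rules follow RFC 4880 section 5.2.3.23; the log layout and
// all names here are assumptions made for this example.
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

type Reason int

const (
	NotRevoked  Reason = iota
	Compromised        // RFC 4880 reason 0x02: every signature is suspect
	Superseded         // reasons 0x01/0x03: signatures before revocation stay valid
)

// KeyRecord is a signer's public key plus its lifecycle events.
type KeyRecord struct {
	Pub       ed25519.PublicKey
	Created   time.Time
	RevokedAt time.Time // zero value: not revoked
	Reason    Reason
}

// Signature carries a signer-asserted creation time.  It is bound into the
// signed bytes, so it cannot be altered afterwards, but the signer chose it
// freely and could have backdated it.
type Signature struct {
	Created time.Time
	Sig     []byte
}

// signedBytes prefixes the message with the 8-byte creation time.
func signedBytes(msg []byte, created time.Time) []byte {
	buf := make([]byte, 8, 8+len(msg))
	binary.BigEndian.PutUint64(buf, uint64(created.Unix()))
	return append(buf, msg...)
}

func Sign(priv ed25519.PrivateKey, msg []byte, created time.Time) Signature {
	return Signature{Created: created, Sig: ed25519.Sign(priv, signedBytes(msg, created))}
}

// LogEntry is one record of a hash-chained, append-only log.  LoggedAt comes
// from the log operator's clock, independent of the signer.
type LogEntry struct {
	LoggedAt time.Time
	Sig      Signature
	Prev     [32]byte // hash of the previous entry (zero for the first)
	Hash     [32]byte
}

type Log struct{ Entries []LogEntry }

func entryHash(e LogEntry) [32]byte {
	var t [8]byte
	binary.BigEndian.PutUint64(t[:], uint64(e.LoggedAt.Unix()))
	data := make([]byte, 0, 48+len(e.Sig.Sig))
	data = append(data, e.Prev[:]...)
	data = append(data, t[:]...)
	data = append(data, signedBytes(e.Sig.Sig, e.Sig.Created)...)
	return sha256.Sum256(data)
}

func (l *Log) Append(sig Signature, loggedAt time.Time) LogEntry {
	var prev [32]byte
	if n := len(l.Entries); n > 0 {
		prev = l.Entries[n-1].Hash
	}
	e := LogEntry{LoggedAt: loggedAt, Sig: sig, Prev: prev}
	e.Hash = entryHash(e)
	l.Entries = append(l.Entries, e)
	return e
}

// Intact reports whether every entry still hashes correctly and links to its predecessor.
func (l *Log) Intact() bool {
	var prev [32]byte
	for _, e := range l.Entries {
		if e.Prev != prev || entryHash(e) != e.Hash {
			return false
		}
		prev = e.Hash
	}
	return true
}

var (
	ErrCrypto      = errors.New("cryptographic check failed")
	ErrFuture      = errors.New("claimed creation time is later than the log saw it")
	ErrPredates    = errors.New("signature predates the key")
	ErrCompromised = errors.New("key compromised: every signature is suspect")
	ErrAfterRevoke = errors.New("not logged before the key was revoked")
)

// VerifyInContext judges the signature at the time it was made, using the log
// entry to corroborate that time: whoever held the key after LoggedAt cannot
// have produced this entry, whatever creation time the signature claims.
func VerifyInContext(k KeyRecord, msg []byte, e LogEntry) error {
	if !ed25519.Verify(k.Pub, signedBytes(msg, e.Sig.Created), e.Sig.Sig) {
		return ErrCrypto
	}
	switch {
	case e.Sig.Created.After(e.LoggedAt):
		return ErrFuture
	case e.Sig.Created.Before(k.Created):
		return ErrPredates
	case k.RevokedAt.IsZero():
		return nil
	case k.Reason == Compromised:
		return ErrCompromised
	case e.LoggedAt.After(k.RevokedAt):
		// Superseded/retired: old signatures stay valid, but only the log
		// time proves "old"; the self-asserted time could be backdated.
		return ErrAfterRevoke
	}
	return nil
}

// day parses a date into a UTC timestamp (helper for the demo and tests).
func day(s string) time.Time {
	t, err := time.Parse("2006-01-02", s)
	if err != nil {
		panic(err)
	}
	return t
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil reader: crypto/rand
	key := KeyRecord{Pub: pub, Created: day("2015-01-01"), RevokedAt: day("2015-04-01"), Reason: Superseded}
	var lg Log
	early := lg.Append(Sign(priv, []byte("hello"), day("2015-03-01")), day("2015-03-02"))
	late := lg.Append(Sign(priv, []byte("hello"), day("2015-03-01")), day("2015-05-01"))
	fmt.Println(VerifyInContext(key, []byte("hello"), early), VerifyInContext(key, []byte("hello"), late))
}
```

A verifier that only looks at the key's current state would reject both signatures above once the key is revoked; the time-context check accepts the one the log saw before the revocation and rejects the one that merely claims a March creation date but only surfaced in May.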