On Sun, Jul 27, 2014 at 12:45 PM, Mike Hearn <[email protected]> wrote:
>>
>> Trusting national passport agencies seems wrong for this use case.
>
> Now it would be. But I think it's worth remembering that at the start
> Greenwald was not a well known national security journalist, he was a
> relatively obscure columnist and blogger. He didn't expect what happened and
> wasn't using PGP as a result. All different now of course, but it's hard for
> people to learn PGP, and hard for them to predict they might want to use it.
> And that in turn means it's hard to bootstrap a secure conversation, as
> Snowden learned the hard way when he failed to do so.

That's true, but I don't think your proposal solves this.

Your proposal amounts to: Glenn, or anyone who's scanned his passport, can register a public-key in his name by running some "SNARK" tool to generate proof of passport fields and a public key he chooses. Then this proof can be published to some global directory.

Glenn still needs to generate a keypair, manage his private-key, decrypt messages, etc.

You argue that scanning your passport is easier than registering for an S/MIME cert or PGP key-signing / WoT path-building, but almost no-one does these. Better comparables - and more plausible solutions IMO - would be publishing your fingerprint/key/proof widely (via your website, social media, friends, etc.), or registering with keyserver(s) that authenticate you via email.

It's worth re-iterating that your trust model allows anyone who's scanned your passport to forge a proof for you, which is particularly bad for the well-travelled journalists you're imagining protecting.

And in other ways this doesn't address the concrete situation of source / journalist communications:

 - Identity-hiding and relationship-hiding are also important; the problem is bigger than key lookup.
 - The key lookup aspect could be solved by the journalist publishing his key or fingerprint or similar via his organization's web presence.

> Usability suffers a lot if asymmetric crypto gets directly exposed to end
> users. That's why I'm interested in the directory problem. A good key
> directory (even if the users don't really realise that's what it is) seems
> like a crucial feature for making it as brainless as possible.

Again true, preaching to choir etc. But the problems with, say, PGP keyservers are very basic - keys can't be deleted, and anyone can add keys for anyone (which a lot of people will just download and immediately accept!)

There's a ton of progress that could be made by sane engineering and fixing things like this, which is why I'm grumpy and skeptical about new crypto exotica...

Trevor
