Re: Question for app developers, like Enigmail etc. - Identicons
On 05.06.17 01:05, Ben McGinnes wrote:
> On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote:
>> I'm not yet familiar with the TOFU model, but if it helps to spot a
>> fake pub key immediately, in addition to the regular trust-model I
>> see no reason why not.
> That's pretty much exactly what it does.
>
> TOFU stands for Trust On First Use, so even if a key is not explicitly
> trusted or signed, GPG will maintain a record of the number of times a
> signed message has been seen from it, associated user IDs and email
> addresses and so on. It will also report discrepancies. It's pretty
> much how most people had been unofficially handling things anyway in
> order to favour encryption even with unknown parties.
>
> It is, of course, another reason why people tend not to look back
> after switching to GPG 2.1.
>
Thank you very much for your explanation! This sounds excellent! Hope I
can see this soon in GPGTools implemented too.

Regards
Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Question for app developers, like Enigmail etc. - Identicons
On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote:
>
> I'm not yet familiar with the TOFU model, but if it helps to spot a
> fake pub key immediately, in addition to the regular trust-model I
> see no reason why not.

That's pretty much exactly what it does.

TOFU stands for Trust On First Use, so even if a key is not explicitly
trusted or signed, GPG will maintain a record of the number of times a
signed message has been seen from it, associated user IDs and email
addresses and so on. It will also report discrepancies. It's pretty
much how most people had been unofficially handling things anyway in
order to favour encryption even with unknown parties.

It is, of course, another reason why people tend not to look back
after switching to GPG 2.1.

Regards,
Ben
Re: Question for app developers, like Enigmail etc. - Identicons
On Sun, Jun 04, 2017 at 08:29:31PM +0200, Kristian Fiskerstrand wrote:
> On 06/04/2017 11:21 AM, Stefan Claas wrote:
>
>> The reason why I ask, I started to use Thunderbird with Enigmail
>> and Enigmail shows me always Untrusted Good Signature with a 32bit
>> key ID, when I have not carefully verified the person's pub key and
>> --lsign'ed the pub-key. Showing only the long key id or the
>> complete fingerprint is imho more difficult to quickly memorize
>> than an additional shown identicon (computed from the
>> fingerprint).
>
> I'm likely missing something there, but if having a reasonable
> assurance the public keyblock in question should likely be lsigned
> by a local CAkey anyways? Doing a manual graphical verification
> doesn't seem to provide anything in terms of security here.

It's got nothing to do with security and everything to do with
providing a unique generated icon for each key so an end user can
personally identify the correct key based on coloured shapes instead
of a hexadecimal string. Which is why I called it Gravatar for GPG.

It's not the sort of thing that should be in GPG itself, but there's
nothing stopping anyone from incorporating that kind of feature into
a key management tool.

Regards,
Ben
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 22:32, Kristian Fiskerstrand wrote:
> On 06/04/2017 10:25 PM, Stefan Claas wrote:
>> With Thunderbird/Enigmail (I can't speak for other apps) a user new to GnuPG
>> and not savvy with checking email headers and not carefully checking the
>> fingerprint (he must click additionally on the Details button) and who has
>> never signed a public key before would in my opinion have it easier if he
>> would be presented with an additional visual fingerprint imho, because he
>> would immediately spot after the second email if the pub-key, he not yet
>> lsigned, that there is something wrong.
>>
>> If the visual fingerprint would be bullet-proof it would not hurt to
>> implement such a feature, imho.
> Any talk about visual inspection of consistency in fingerprint seems
> like an implementation of a TOFU model rather than an actual trust
> model? So instead of doing a manual visual inspection, you'd want the
> tofu model in gpg 2.1?
>
I'm not yet familiar with the TOFU model, but if it helps to spot a
fake pub key immediately, in addition to the regular trust-model I
see no reason why not.

Regards
Stefan
Re: Question for app developers, like Enigmail etc. - Identicons
On 06/04/2017 10:25 PM, Stefan Claas wrote:
> With Thunderbird/Enigmail (I can't speak for other apps) a user new to GnuPG
> and not savvy with checking email headers and not carefully checking the
> fingerprint (he must click additionally on the Details button) and who has
> never signed a public key before would in my opinion have it easier if he
> would be presented with an additional visual fingerprint imho, because he
> would immediately spot after the second email if the pub-key, he not yet
> lsigned, that there is something wrong.
>
> If the visual fingerprint would be bullet-proof it would not hurt to
> implement such a feature, imho.

Any talk about visual inspection of consistency in fingerprint seems
like an implementation of a TOFU model rather than an actual trust
model? So instead of doing a manual visual inspection, you'd want the
tofu model in gpg 2.1?

--
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
"Action is the foundational key to all success"
(Pablo Picasso)
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 20:29, Kristian Fiskerstrand wrote:
> On 06/04/2017 11:21 AM, Stefan Claas wrote:
>> The reason why I ask, I started to use Thunderbird with Enigmail and
>> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
>> when I have not carefully verified the person's pub key and --lsign'ed
>> the pub-key. Showing only the long key id or the complete fingerprint
>> is imho more difficult to quickly memorize than an additional shown
>> identicon (computed from the fingerprint).
> I'm likely missing something there, but if having a reasonable assurance
> the public keyblock in question should likely be lsigned by a local
> CAkey anyways? Doing a manual graphical verification doesn't seem to
> provide anything in terms of security here.
>
Call me stupid, I use(d) GnuPG not too much and I'm not a pro user like
many here on the list. But when I receive(d) a signed message the first
time, from a user completely unknown to me I did not lsign his/her key.
Instead I verified always the fingerprint and the email headers a couple
of times.

With Thunderbird/Enigmail (I can't speak for other apps) a user new to
GnuPG and not savvy with checking email headers and not carefully
checking the fingerprint (he must click additionally on the Details
button) and who has never signed a public key before would in my opinion
have it easier if he would be presented with an additional visual
fingerprint imho, because he would immediately spot after the second
email if the pub-key, he not yet lsigned, that there is something wrong.

If the visual fingerprint would be bullet-proof it would not hurt to
implement such a feature, imho.

Hope that my suggestion is not too naive or too stupid!

Regards
Stefan
Re: scute / firefox: cannot connect to GPG agent
Hi,

Thanks for your reply!

> The GPG_AGENT_INFO variable must have the following form:
> "PATH_TO_SOCKET:PID:VERSION", where PID is the running agent's process ID
> and VERSION is the version of the agent protocol (which must be 1).
> Otherwise Scute will ignore the variable.
>
> So try instead:
>
> GPG_AGENT_INFO=$(gpgconf --list-dir agent-socket):0:1 firefox

Unfortunately I still get the 'IPC connect call failed' warning:

$ gpg-connect-agent /bye
$ ps -p $(pidof gpg-agent)
>   PID TTY          TIME CMD
> 25379 ?        00:00:09 gpg-agent
$ ls -la $(gpgconf --list-dir agent-socket)
> srwx-- 1 fabianpeter fabianpeter 0 Jun  4 14:09 /run/user/1000/gnupg/S.gpg-agent
$ GPG_AGENT_INFO=$(gpgconf --list-dir agent-socket):0:1 firefox
> scute: agent_connect: cannot connect to GPG agent: IPC connect call failed
> scute: scute_gpg_err_to_ck: Error occurred: No agent running (Unspecified source)
>
> scute: agent_connect: cannot connect to GPG agent: IPC connect call failed
> scute: scute_gpg_err_to_ck: Error occurred: No agent running (Unspecified source)
>
$ firefox --version
> Mozilla Firefox 53.0.3

Fabian
Re: Question for app developers, like Enigmail etc. - Identicons
On 06/04/2017 11:21 AM, Stefan Claas wrote:
> The reason why I ask, I started to use Thunderbird with Enigmail and
> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
> when I have not carefully verified the person's pub key and --lsign'ed
> the pub-key. Showing only the long key id or the complete fingerprint
> is imho more difficult to quickly memorize than an additional shown
> identicon (computed from the fingerprint).

I'm likely missing something there, but if having a reasonable assurance
the public keyblock in question should likely be lsigned by a local
CAkey anyways? Doing a manual graphical verification doesn't seem to
provide anything in terms of security here.

--
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Bene diagnoscitur, bene curatur
Something that is well diagnosed can be cured well
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 13:19, Ludwig Hügelschäfer wrote:
> On 04.06.17 12:39, Stefan Claas wrote:
>> On 04.06.17 11:50, Ben McGinnes wrote:
> (...)
>
>>> then add "keyid-format 0xLONG" to your gpg.conf file.
>>>
>> I did that, but Enigmail still shows me the short key-id. :-(
> The next major version of Enigmail will show long keyIds everywhere.
>
Oh, that's good news! :-) Much appreciated!

Regards
Stefan
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 12:39, Stefan Claas wrote:
> On 04.06.17 11:50, Ben McGinnes wrote:
(...)
>> then add "keyid-format 0xLONG" to your gpg.conf file.
>>
> I did that, but Enigmail still shows me the short key-id. :-(

The next major version of Enigmail will show long keyIds everywhere.

Ludwig
Re: scute / firefox: cannot connect to GPG agent
Hi,

On 06/03/2017 12:48 AM, Fabian Peter Hammerle wrote:
> As far as I understand gpg-agent is running.

Can you please check whether it is really the case? E.g., check that
the socket indicated by "gpgconf --list-dir agent-socket" does exist?

> After reading http://scute.org/scute.html/Troubleshooting.html I
> noticed that $GPG_AGENT_INFO was not set.

Yes, GnuPG 2.1 does not use (nor set) that variable anymore. But Scute
still needs it in order to locate the socket, especially now that the
socket is no longer always located in $GNUPGHOME.

If I remember correctly, the problem goes like this:

1) Scute looks for GPG_AGENT_INFO
2) The variable does not exist, so Scute looks for the socket in $GNUPGHOME
3) The socket is not there (because it is now somewhere under [/var]/run),
   so Scute assumes there's no running agent
4) Scute spawns a new agent with the --use-standard-socket option (which
   used to instruct the agent to create its listening socket in
   $GNUPGHOME, but which has no effect with GnuPG 2.1)
5) Scute still does not find the socket in $GNUPGHOME, and thus fails
   with "Cannot connect to GPG Agent"

To avoid this, you need both to set the GPG_AGENT_INFO variable and make
sure that the agent is running before you start Firefox (simply calling
"gpg-connect-agent /bye" is enough).

> However, setting the path manually did not solve the problem:
>
> $ gpgconf --list-dir agent-socket
> /run/user/1000/gnupg/S.gpg-agent
> $ GPG_AGENT_INFO=/run/user/1000/gnupg/S.gpg-agent firefox

The GPG_AGENT_INFO variable must have the following form:
"PATH_TO_SOCKET:PID:VERSION", where PID is the running agent's process ID
and VERSION is the version of the agent protocol (which must be 1).
Otherwise Scute will ignore the variable.

So try instead:

GPG_AGENT_INFO=$(gpgconf --list-dir agent-socket):0:1 firefox

(The PID can be set to zero because as far as I know Scute does not
actually use that information.)

Hope that helps,
Damien
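An added example (not code from the thread or from the Scute project): a small POSIX sh helper that applies the advice above, building GPG_AGENT_INFO in the PATH_TO_SOCKET:PID:VERSION form, rejecting values Scute would silently ignore (such as the bare socket path from the original report), and launching the application only once the agent is reachable and its socket exists. The function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the gnupg-users thread or the Scute project):
# helpers for launching a Scute-enabled application against GnuPG 2.1.
# Function names are this example's own.

# Build the GPG_AGENT_INFO value Scute expects: PATH_TO_SOCKET:PID:VERSION.
# PID defaults to 0 (Scute does not use it); VERSION must be 1.
scute_agent_info() {
    printf '%s:%s:1' "$1" "${2:-0}"
}

# Return 0 if a GPG_AGENT_INFO value has the three-field form with an
# absolute socket path, a numeric PID and protocol version 1. Scute
# ignores anything else, which is why a bare socket path did not help.
scute_agent_info_valid() {
    info="$1"
    ver="${info##*:}"        # last field
    rest="${info%:*}"        # everything before the last colon
    pid="${rest##*:}"
    sock="${rest%:*}"
    case "$rest" in *:*) ;; *) return 1 ;; esac   # fewer than three fields
    case "$sock" in /*) ;; *) return 1 ;; esac    # socket path must be absolute
    case "$pid" in ''|*[!0-9]*) return 1 ;; esac  # PID must be numeric
    [ "$ver" = "1" ] || return 1
    return 0
}

# Launch a command with GPG_AGENT_INFO set, after making sure gpg-agent is
# running (gpg-connect-agent starts it if necessary) and its socket exists.
scute_run() {
    gpg-connect-agent /bye >/dev/null 2>&1 || { echo "cannot reach gpg-agent" >&2; return 1; }
    sock="$(gpgconf --list-dir agent-socket)" || return 1
    [ -S "$sock" ] || { echo "agent socket $sock does not exist" >&2; return 1; }
    info="$(scute_agent_info "$sock")"
    scute_agent_info_valid "$info" || return 1
    GPG_AGENT_INFO="$info" "$@"
}
```

Source the file and run `scute_run firefox`; the first two checks in `scute_run` are the same "gpg-connect-agent /bye" and socket listing that the follow-up in this thread performs by hand.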
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 12:50, Robert J. Hansen wrote:
>> P.S. With scallion it took me only seconds/or a minute to generate
>> a fake pub-key with the same 32bit key id, on my old notebook.
> The question then becomes how hard it would be to forge a qidenticon.
> There's not a whole lot of entropy there.

I'm no cryptographer nor a programmer, but I think a visualisation of
a fingerprint could be helpful, if it's bullet-proof.

Here's an image I ran with the example go code provided. I replaced the
word "text" in the sample code with "0x"etc. and in the second image
with "0x1000"etc.

http://img5.fotos-hochladen.net/uploads/visualfingerprp9ohtdmbkr.png

Regards
Stefan
scute / firefox: cannot connect to GPG agent
Hi,

I am trying to setup Scute (http://scute.org/) so I can use my
authentication subkey for client authentication in Firefox.

I followed the steps in Scute's manual to setup Firefox.
http://scute.org/scute.html/Application-Configuration.html

My problem is that I keep getting these warnings whenever I launch Firefox:

> scute: agent_connect: cannot connect to GPG agent: IPC connect call failed
> scute: scute_gpg_err_to_ck: Error occurred: No agent running (Unspecified source)

As far as I understand gpg-agent is running.

After reading http://scute.org/scute.html/Troubleshooting.html I noticed
that $GPG_AGENT_INFO was not set. However, setting the path manually did
not solve the problem:

$ gpgconf --list-dir agent-socket
> /run/user/1000/gnupg/S.gpg-agent
$ GPG_AGENT_INFO=/run/user/1000/gnupg/S.gpg-agent firefox
> scute: agent_connect: cannot connect to GPG agent: IPC connect call failed
> scute: scute_gpg_err_to_ck: Error occurred: No agent running (Unspecified source
> [...]

Any ideas?

$ apt-cache policy scute | grep -i installed
> Installed: 1.5.0+git20151221.dc22111-2
$ gpg-agent --version | head -n 2
> gpg-agent (GnuPG) 2.1.18
> libgcrypt 1.7.6

Fabian
Re: Question for app developers, like Enigmail etc. - Identicons
> P.S. With scallion it took me only seconds/or a minute to generate
> a fake pub-key with the same 32bit key id, on my old notebook.

The question then becomes how hard it would be to forge a qidenticon.
There's not a whole lot of entropy there.
Re: Question for app developers, like Enigmail etc. - Identicons
On 04.06.17 11:50, Ben McGinnes wrote:
> On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote:
>> The reason why I ask, I started to use Thunderbird with Enigmail and
>> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
>> when I have not carefully verified the person's pub key and --lsign'ed
>> the pub-key. Showing only the long key id or the complete fingerprint
>> is imho more difficult to quickly memorize than an additional shown
>> identicon (computed from the fingerprint).
> You shouldn't need to memorise it. In Enigmail you can create rules
> for addresses to link to preferred keys, as well as set whether or not
> to encrypt all messages or just sign and so on. Most MUAs which
> support GPG provide some method of doing this and GPG itself supports
> that function with group lists in the gpg.conf file.

Thank you for the information, I will check it out.

>
> If the version of GPG you have installed supports it, you should
> probably add this to your gpg.conf:
>
> trust-model tofu+pgp
> tofu-default-policy unknown
>
> That will gradually build a more practical web-of-trust which keeps
> track of seen keys for you.

I use GPGTools and therefore can't use it yet.

>
>> P.S. With scallion it took me only seconds/or a minute to generate
>> a fake pub-key with the same 32bit key id, on my old notebook.
> Yes, this has been possible for a long time now. Most people use a
> 64-bit view for that reason. This is now the default view in GPG 2.1,
> along with displaying the full fingerprint. If you do not have GPG
> 2.1.x installed, such as if you're using GPGTools on OS X or GPG4Win,
> then add "keyid-format 0xLONG" to your gpg.conf file.
>
I did that, but Enigmail still shows me the short key-id. :-(

Regards
Stefan
Re: Question for app developers, like Enigmail etc. - Identicons
On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote:
> Hi,
>
> I'd like to ask application developers if it's possible to implement,
> in the future, identicons like for example Bitmessage has?
>
> https://github.com/jakobvarmose/go-qidenticon

It's possible, but it's highly unlikely that anyone would bother
creating what is essentially Gravatar for GPG. Especially since the
protocol already supports key owners including a picture with their
key. Most people don't do that either.

> The reason why I ask, I started to use Thunderbird with Enigmail and
> Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
> when I have not carefully verified the person's pub key and --lsign'ed
> the pub-key. Showing only the long key id or the complete fingerprint
> is imho more difficult to quickly memorize than an additional shown
> identicon (computed from the fingerprint).

You shouldn't need to memorise it. In Enigmail you can create rules
for addresses to link to preferred keys, as well as set whether or not
to encrypt all messages or just sign and so on. Most MUAs which
support GPG provide some method of doing this and GPG itself supports
that function with group lists in the gpg.conf file.

If the version of GPG you have installed supports it, you should
probably add this to your gpg.conf:

trust-model tofu+pgp
tofu-default-policy unknown

That will gradually build a more practical web-of-trust which keeps
track of seen keys for you.

> P.S. With scallion it took me only seconds/or a minute to generate
> a fake pub-key with the same 32bit key id, on my old notebook.

Yes, this has been possible for a long time now. Most people use a
64-bit view for that reason. This is now the default view in GPG 2.1,
along with displaying the full fingerprint. If you do not have GPG
2.1.x installed, such as if you're using GPGTools on OS X or GPG4Win,
then add "keyid-format 0xLONG" to your gpg.conf file.

Regards,
Ben
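An added example (not code from the thread, from Enigmail or from GnuPG) for the short/long key ID point above: a POSIX sh helper that derives the 32-bit and 64-bit key IDs a v4 OpenPGP fingerprint produces (they are simply its low-order 8 and 16 hex digits), and a check that flags two distinct fingerprints sharing a short ID, which is the case a display limited to 32-bit IDs cannot tell apart. The function names are this example's own; the fingerprint used is the one in Kristian's signature, and the colliding one is constructed.

```shell
#!/bin/sh
# Added example (not from the gnupg-users thread or GnuPG): derive the
# key IDs that tools can display from a v4 OpenPGP fingerprint and show
# why only the full fingerprint is worth comparing. Function names are
# this example's own.

# Normalise a fingerprint as gpg prints it (spaces, any case, optional 0x)
# into 40 upper-case hex digits; fail on anything that is not a v4 fingerprint.
fpr_normalise() {
    f=$(printf '%s' "$1" | tr -d ' ' | tr 'a-fx' 'A-FX')
    f="${f#0X}"
    case "$f" in *[!0-9A-F]*) return 1 ;; esac
    [ "${#f}" -eq 40 ] || return 1
    printf '%s' "$f"
}

# The 64-bit "long" key ID (keyid-format 0xLONG) is the low-order 16 hex
# digits of the fingerprint: strip the 24-digit prefix, keep the rest.
keyid_long() {
    f=$(fpr_normalise "$1") || return 1
    printf '0x%s' "${f#"${f%????????????????}"}"
}

# The 32-bit "short" key ID is the low-order 8 hex digits.
keyid_short() {
    f=$(fpr_normalise "$1") || return 1
    printf '0x%s' "${f#"${f%????????}"}"
}

# Return 0 when two fingerprints are different keys yet share a short
# key ID: a client that shows only the 32-bit ID cannot distinguish them,
# while comparing the full fingerprint does.
short_id_collision() {
    a=$(fpr_normalise "$1") || return 1
    b=$(fpr_normalise "$2") || return 1
    [ "$a" != "$b" ] && [ "$(keyid_short "$a")" = "$(keyid_short "$b")" ]
}
```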
Question for app developers, like Enigmail etc. - Identicons
Hi,

I'd like to ask application developers if it's possible to implement,
in the future, identicons like for example Bitmessage has?

https://github.com/jakobvarmose/go-qidenticon

The reason why I ask, I started to use Thunderbird with Enigmail and
Enigmail shows me always Untrusted Good Signature with a 32bit key ID,
when I have not carefully verified the person's pub key and --lsign'ed
the pub-key. Showing only the long key id or the complete fingerprint
is imho more difficult to quickly memorize than an additional shown
identicon (computed from the fingerprint).

P.S. With scallion it took me only seconds/or a minute to generate
a fake pub-key with the same 32bit key id, on my old notebook.

Regards
Stefan