Re: Migrating to GPG - A mini-HOWTO
Martin Schulze [EMAIL PROTECTED] writes: And an updated version is at http://www.infodrom.north.de/~joey/GnuPG-Mini-HOWTO I've asked bma to submit this as a bug developers-reference for inclusion in that document? Do you agree that it should be adapted to the Developer's Reference so it can be maintained and distributed that way? -- .Adam Di [EMAIL PROTECTED]URL:http://www.onShore.com/
Re: Migrating to GPG - A mini-HOWTO
Adam Di Carlo wrote: Martin Schulze [EMAIL PROTECTED] writes: And an updated version is at http://www.infodrom.north.de/~joey/GnuPG-Mini-HOWTO I've asked bma to submit this as a bug developers-reference for inclusion in that document? Do you agree that it should be adapted to the Developer's Reference so it can be maintained and distributed that way? Take it and include it - but tell me so I can remove that file. Regards, Joey -- Computers are not intelligent. They only think they are. Please always Cc to me when replying to me on the lists.
Re: Migrating to GPG - A mini-HOWTO
On Tue, Sep 14, 1999 at 03:13:19PM +0200, Wichert Akkerman wrote: To help give another example of settings, here's what I have in my ~/.gnupg/options: # Screw PGP, let's be RFC compatible = openpgp [.. snip snip ..] ## Other fun options escape-from-lines You know these two conflict, right? Yes I am aware of that. It his however my belief that the behavior exhibited when quoting from lines in that manner is most desirable for email. Since GnuPG can cope with it and I don't really CARE about PGP, it's not an issue for me---but thank you for pointing it out all the same since I should have and forgot to. -- Joseph Carter [EMAIL PROTECTED] Debian GNU/Linux developer GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3 PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77 8E E2 29 96 C9 44 5F BE -- Espy tomorrow there will be a great disturbance in the workforce -- May 18, 1999 pgp8OTORZ1rM4.pgp Description: PGP signature
Re: Migrating to GPG - A mini-HOWTO
On Tue, Sep 14, 1999 at 12:14:42AM -0600, Jason Gunthorpe wrote: 8) Participants of 'signing parties' are encouraged to use OpenPGP keys (remember that a PGP 2.x key cannot be signed by an OpenPGP key [AFIAK]) I've got PGP keys with GPG sigs on them... Granted PGP can't even see the sigs but they can exist. If people are using GnuPG they even work. -- Joseph Carter [EMAIL PROTECTED] Debian GNU/Linux developer GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3 PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77 8E E2 29 96 C9 44 5F BE -- I never thought that I'd see the say where Netscape is free software and X11 is proprietary. We live in interesting times. -- Matt Kimball [EMAIL PROTECTED] pgpAIFAFoxe3h.pgp Description: PGP signature
Re: Migrating to GPG - A mini-HOWTO
That higher level of confidence would be misplaced if I'd simply mailed my key to all my old PGP signers, and they'd signed it. Sorry, I don't get this. Why is it a problem if one of my old signers signs my new key if I send it to them in a mail signed by my old key? Lots of others have answered this, but in case you missed them: How do you know whether their original key has been compromised? And you are now blindly signing a key guaranteeing that you *KNOW* with absolute certainty that this key belongs to them. But you don't know this, actually: all that you know is that the key you have received was signed by a key you once signed yourself. Furthermore, let's imagine that their key was compromised. Ally Attacker now has your friend's key, and generates a new key, sending it around signed by the stolen key, asking for signatures on the key. All of the original signatories now sign the key, and everyone will believe that this new key belongs to your friend. But in fact, Ally is in complete control, and no-one who's signed it is able to revoke their signature without revoking their entire key, and even then, the spread of information can be slow. Furthermore, your friend cannot even revoke Ally's fake key, for your friend does not have the private key to generate the required revokation certificate. And therefore, your friend has some very serious problems. Conclusion: NEVER, EVER sign a key without confirming, face-to-face, or by telephone if you know them, that the key really does belong to who it claims to. Julian =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Julian Gilbey, Dept of Maths, QMW, Univ. of London. [EMAIL PROTECTED] Debian GNU/Linux Developer, see http://www.debian.org/~jdg
Re: Migrating to GPG - A mini-HOWTO
On Tue, Sep 14, 1999 at 03:38:34PM +0200, Marco d'Itri wrote: I signed my DSS key with the old RSA key and then asked people who signed the old key to sign the new one with their DSS key. This is easy and secure. Not if you didn't ask in person... -- Joseph Carter [EMAIL PROTECTED] Debian GNU/Linux developer GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3 PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77 8E E2 29 96 C9 44 5F BE -- * Espy ponders an uplad queue called 'hell' so I can do dupload --to hell pgpGzzMY7kjgf.pgp Description: PGP signature
Re: Migrating to GPG - A mini-HOWTO
At 10:55 -0400 1999-09-15, Chris Fearnley wrote: How does one generate an RSA key using the gpg-rsaref package? Why on earth would you want to do that? -- Joel Klecker (aka Espy)Debian GNU/Linux Developer URL:mailto:[EMAIL PROTECTED] URL:mailto:[EMAIL PROTECTED] URL:http://web.espy.org/ URL:http://www.debian.org/
Re: Migrating to GPG - A mini-HOWTO
James Troup wrote: Eh, calm down, Joey. I not only can, but should and have decided that GnuPG keys must be verified before they enter the keyring, i.e. I'm not going to add a random key from a random developer without proof it comes from that developer. I'll hope you'll be so kind as to give me your gracious blessing for taking that liberty. Gracious blessing given. Regards, Joey -- We all know Linux is great... it does infinite loops in 5 seconds. - Linus Torvalds
Re: Migrating to GPG - A mini-HOWTO
Jason Gunthorpe wrote: All it means is that GPG should be used in a mode where it will not interoperate with PGP 2.x. This is what Joey's HOWTO recommended more or less. So correct it. You seem to want to give it away rather strongly, so I'd be happy to pick it up and add a few sections - did you use any sort of document processor? Emacs. And an updated version is at http://www.infodrom.north.de/~joey/GnuPG-Mini-HOWTO Still missing: How to use GnuPG for your old PGP keys and stuff. Regards, Joey -- We all know Linux is great... it does infinite loops in 5 seconds. - Linus Torvalds
Re: Migrating to GPG - A mini-HOWTO
Michael Meskes [EMAIL PROTECTED] writes: On Tue, Sep 14, 1999 at 09:21:22AM +0100, Philip Hands wrote: Are you saying that people should sign keys received via e-mail, rather than face to face ? If so, I'm strongly against this. Why? I'd have hoped that that was clear by now, but I'll go for it one more time because if people start signing keys on any other basis than ``I saw the person, I saw and was convinced by their ID, and they gave me their key's fingerprint'' then we might as well throw our web of trust in the bin. ... Yes, I can revoke my key once I notice this. But the compromiser can also create a new key for me and revoke the old one for me. So I have no access anymore to my own PGP key as well. Where's the difference with the GPG keys? This is exactly right. So once this has happened we have two possible scenarios: 1) People adopt your ``sign any key signed by the old key'' approach, in which case the evil key stealer will have the new key signed by loads of people you met once, and their adoption of your identity will be complete. 2) People only sign the new key if YOU physically prove that it is your key, in which case the evil key stealer will only have your signature on the new key. Meanwhile you will be able to generate a new key, and get it signed by some other people, thus recovering your identity, since your key must be the one that has other people's signatures on it. I know there is some pathetic kudos about how many signatures you have on your key, but if none of them are real signatures what good does it do us ? If a digital signature is enough to prove the provenance of a key (which under normal circumstances it is) then the fact that you've signed your new key with your old key is all we need to extend the web of trust to the new key. If that key is in fact compromised, and we are suspicious about something signed by it, then we can look at the signature list and find that it only has one signature on it, which gives us some useful data about how trustworthy it is. If people were to adopt the approach that they'll sign any key purporting to be from the people they've signed keys for already, then the fake key will soon have all the same signatures as the old key, and we have no way to tell the difference. Personally, if I discover that a person have been signing keys without physical independent proof of identity, I'll be setting that signer's key's trust level to ``never''. I'd hope the same goes for the project as a whole. Cheers, Phil.
Re: Migrating to GPG - A mini-HOWTO
On Tue 14 Sep 1999, Michael Stone wrote: On Tue, Sep 14, 1999 at 11:55:39PM +0200, Martin Schulze wrote: Michael Stone wrote: Not really. What if the pgp key is compromised? The original owner can release a revocation certificate for the pgp key, but if someone creates a new gpg key that you sign based on the (compromised) pgp key then you've possibly validated a key that the original owner cannot revoke. That would be bad. So what do you propose? Not using any digital signing at all? How does that follow at all? Take a breath and calm down. I think his point is that if you can't trust a pgp signature to sign a gpg key, why should trust a pgp signature to do anything at all, e.g. accept an uploaded package. Seems like a reasonable argument. Paul Slootman -- home: [EMAIL PROTECTED] http://www.wurtel.demon.nl/ work: [EMAIL PROTECTED] http://www.murphy.nl/ debian: [EMAIL PROTECTED] http://www.debian.org/ isdn4linux: [EMAIL PROTECTED] http://www.isdn4linux.de/
Re: Migrating to GPG - A mini-HOWTO
On Wed, Sep 15, 1999 at 01:01:18PM +0200, Paul Slootman wrote: I think his point is that if you can't trust a pgp signature to sign a gpg key, why should trust a pgp signature to do anything at all, e.g. accept an uploaded package. Seems like a reasonable argument. Because the real user can undo one action and not the other. Because the integrity of multiple keys is compromised in one case and not the other. If I lose my key, that's a bad thing (but I can undo it). If I lose my key and then someone gets *you* to start signing bogus stuff, that's worse (and I can't undo it). In the particular case of debian packages this might not be that big a deal. (Except that it starts down the road of following bad practices--if I trust pgp sigs so much, why not sign your key since that other guy signed it...) In the larger case of maintaining the integrity of the web of trust, this is a much larger problem. Mike Stone pgpOIfO66pVro.pgp Description: PGP signature
Re: Migrating to GPG - A mini-HOWTO
On Tue 14 Sep 1999, Jason Gunthorpe wrote: On 14 Sep 1999, Ben Pfaff wrote: Michael Stone [EMAIL PROTECTED] writes: Again, no it isn't. How do they know that someone didn't steal your pgp key?=20 How is this different from the question ``How does dinstall (or other person/program) know someone hasn't stolen [developer]'s PGP key?'' Because you can revoke the old key and have all of it's signatures become invalid. But, you cannot revoke this 'new' key that was created and passed around as real using your compromised old key. It now has real signatures that say 'I know for certain that this key belongs to this person'. OK, but still things may have been done because the old key was not yet revoked, or the revoking hasn't trickled through everywhere yet. I'm sure that most people don't check with the central key servers every time they check a signature. With dinstall a compromise is short lived and can be undone by erasing the effected package. Creating a new key and getting people to sign it cannot really be undone. How do you prove to whoever is able to erase the package that you are who you say you are? I.e. how do you convince them that they should in fact erase the package? In short, the problem just moves around; being able to revoke a key is great, but still leaves many problems open. Paul Slootman -- home: [EMAIL PROTECTED] http://www.wurtel.demon.nl/ work: [EMAIL PROTECTED] http://www.murphy.nl/ debian: [EMAIL PROTECTED] http://www.debian.org/ isdn4linux: [EMAIL PROTECTED] http://www.isdn4linux.de/
Re: Migrating to GPG - A mini-HOWTO
On Wed 15 Sep 1999, Philip Hands wrote: I know there is some pathetic kudos about how many signatures you have Is the pathetic part the reason why you don't have any? :-) Paul Slootman -- home: [EMAIL PROTECTED] http://www.wurtel.demon.nl/ work: [EMAIL PROTECTED] http://www.murphy.nl/ debian: [EMAIL PROTECTED] http://www.debian.org/ isdn4linux: [EMAIL PROTECTED] http://www.isdn4linux.de/
Re: Migrating to GPG - A mini-HOWTO
On 14 Sep 1999, Philip Hands wrote: Obviously, if we're life-long friends, and I send you a new key signed with my old key, and then you phone me up and establish that I really did send it to you, and that your pretty certain that it is me on that answered the phone, then a face to face meeting is probably redundant. Someone could steal your mail, and send a new with his key. You should exchange the fingerprint on phone! Flocsy Gabor Fleischer MAILTO: [EMAIL PROTECTED] URL: http://www.mtesz.hu/~flocsy SMS: [EMAIL PROTECTED] ICQ UIN: 27733935
Re: Migrating to GPG - A mini-HOWTO
On Sep 14, Michael Stone [EMAIL PROTECTED] wrote: I signed my DSS key with the old RSA key and then asked people who signed the old key to sign the new one with their DSS key. This is easy and secure. Again, no it isn't. How do they know that someone didn't steal your pgp key? I'm using the RSA key for other things so they still have to trust it. We have not outlawed RSA keys, so debian still trusts them too. -- ciao, Marco
Re: Migrating to GPG - A mini-HOWTO
On Wed, 15 Sep 1999, Paul Slootman wrote: I'm sure that most people don't check with the central key servers every time they check a signature. How should I do this? Is it automated? Can pine/mutt do it while I'm online? Flocsy URL: http://flocsy.spedia.net MAIL:[EMAIL PROTECTED] SMS: [EMAIL PROTECTED] ICQ:27733935 If you want to know how you can earn some money while browsing click: http://www.spedia.net/cgi-bin/dir/tz.cgi?run=show_svcfl=8vid=119891
Re: Migrating to GPG - A mini-HOWTO
On Sun, Sep 12, 1999 at 05:43:21PM -0400, Brian Almeida wrote: How to switch to GnuPG for developers..a very brief mini-HOWTO -- Very nice mini-HOWTO. But I still have several questions: How does one generate an RSA key using the gpg-rsaref package? How does one send the RSA key to [EMAIL PROTECTED] Is this all that is needed to be added to the Debian keyring for GPG? Are the gpg-rsaref and gpg-idea packages both needed? Why? -- Christopher J. Fearnley | Linux/Internet Consulting [EMAIL PROTECTED] | Design Science Revolutionary http://www.CJFearnley.com| Explorer in Universe Dare to be Naïve -- Bucky Fuller
Re: Migrating to GPG - A mini-HOWTO
On Wed, Sep 15, 1999 at 01:19:34PM +0200, Paul Slootman wrote: [...] With dinstall a compromise is short lived and can be undone by erasing the effected package. Creating a new key and getting people to sign it cannot really be undone. How do you prove to whoever is able to erase the package that you are who you say you are? I.e. how do you convince them that they should in fact erase the package? With your old compromised key. Martin -- Not that I have anything much against redundancy. But I said that already. -- Larry Wall in [EMAIL PROTECTED]
Re: Migrating to GPG - A mini-HOWTO
Paul Slootman [EMAIL PROTECTED] writes: How do you prove to whoever is able to erase the package that you are who you say you are? I.e. how do you convince them that they should in fact erase the package? You do that by sending them a message signed with a new key, that you have had signed by someone else. As long as people don't adopt the ``I'll sign anything you like, once I've met you once'' attitude, this works. To address the ``If you trust it for anything, you should trust it for everything'' argument, lets try to draw an analogy in the real world: Lets say you are a bank manager, and you have a list of all your customer's signatures (which are difficult to forge). Customer A sends you a signed letter, instructing you to transfer 100.00 to another person's account. Customer B mails you a signed letter saying that they have had plastic surgery, and changed their name, and not only do they want you to transfer all future control of the account into this new name, but they also want you to sign an affidavit saying that you're sure that these two names apply to the same person. I think you're quite likely to do as requested by ``A'', but will request that customer B come in, in person, with all required documentation to prove their claims, before doing what they asked. If any of the people reading this treat key signing any less seriously than signing such an affidavit, then please speak up so that the rest of us can tell PGP/GPG that your signatures are proof of nothing much. Cheers, Phil.
Re: Migrating to GPG - A mini-HOWTO
Paul Slootman [EMAIL PROTECTED] writes: On Wed 15 Sep 1999, Philip Hands wrote: I know there is some pathetic kudos about how many signatures you have Is the pathetic part the reason why you don't have any? :-) Ah, I'd not updated my key in the keyring since I joined. Well not until last week that is, you'll find a few signatures on my keys in debian-keyring_1999.09.12_all.deb No the pathetic part is that people seem to be more worried about the number, rather than the quality of the signatures. Not that it matters, but my PGP key is currently signed by 6 people (all of whom have seen me and my passport when I gave them my fingerprint) and my GPG key is signed by two people (on the same basis) as well as being signed by both my GPG and PGP keys. As long as we don't adopt the ``sign by mail'' approach, the combination of these two signatures and my own PGP signature on the new GPG key should be sufficient to prove that it's not an identity hijack in progress. If however we accept the ``sign by mail'' idea those two signatures might prove nothing more than the foolishness of the signers. I really see no point in trying to persuade my other PGP signers to sign my GPG key on the strength of an e-mail. If I succeeded in doing so it would simply prove that that person was willing to sign keys on insufficient evidence, and as such that they should be removed from our web of trust. Cheers, Phil.
Re: Migrating to GPG - A mini-HOWTO
On Wed, 15 Sep 1999, Chris Fearnley wrote: How does one generate an RSA key using the gpg-rsaref package? It isn't possible. The gpg-rsaref does not have key generation code included. Also, AFAIK gpg does not have an option to generate a PGP 2.x key - it only creates OpenPGP keys. How does one send the RSA key to [EMAIL PROTECTED] Is this all that is needed to be added to the Debian keyring for GPG? Please don't create -new- PGP 2.x RSA keys, use DSA in an OpenPGP form for all new keys. Are the gpg-rsaref and gpg-idea packages both needed? Why? You only need the idea package to process or create PGP 2.x compatible encrypted messages. Jason