Re: TOFU for GnuPG

2015-11-05 Thread Neal H. Walfield
At Thu, 5 Nov 2015 17:29:22 +,
MFPA wrote:
> On Thursday 29 October 2015 at 2:06:51 PM, in
> , Neal H. Walfield wrote:
> > Note: GpgME has not yet been extended to support TOFU
> > so these messages might not be shown.
> 
> I would think that was quite important, for users whose email client
> uses GPGME.

Sure :).  But, it was less important than implementing TOFU in GnuPG
first.

Thanks!

:) Neal

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: TOFU for GnuPG

2015-11-05 Thread MFPA
Hi


On Thursday 29 October 2015 at 2:06:51 PM, in
, Neal H. Walfield wrote:



> In particular, I'm
> interested in learning how well this fits into your
> work flow and whether or not you'll use it.

I suspect I would use it, configured to ask my decision each time it
encountered a new key/UID combination. My use of GnuPG is fairly
limited: mainly participation in the PGPNET encrypted discussion
group, occasional other encrypted email discussions, and signatures on
a couple of discussion lists.



> Note: GpgME has not yet been extended to support TOFU
> so these messages might not be shown.

I would think that was quite important, for users whose email client
uses GPGME.



-- 
Best regards

MFPA  

A picture is a poem without words




Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
Hi,

At Tue, 03 Nov 2015 16:56:27 +0100,
Andre Heinecke wrote:
> On Tuesday 03 November 2015 16:34:39 you wrote:
> > At Tue, 03 Nov 2015 16:10:24 +0100,
> > 
> > Andre Heinecke wrote:
> > > Don't we need to lookup the new key anyway to make validity decisions?
> > > Until then we assume "Unknown" trust.
> > 
> > In the verify case, yes.  But what about the sign case?  We just see
> > that the old key has been revoked, but we don't know what the new key
> > is.
> 
> I assume you mean the encrypt case (I don't see how this affects sign)? But
> still I don't see a problem there. If you don't have a valid key to encrypt
> to, you need to get a different key. How is the trust model involved in that?
> 
> Once you have that new key you can do the UID / Signature checks I suggested.

You're correct, I meant the encrypt case.

Let's say you want to send an email to Alice and she has revoked her
key.  Best practice dictates that you should run something like
Parcimonie to keep your keyring up to date.  So, let's assume that
Parcimonie has also updated Alice's key.  Now, when you try to encrypt
an email to Alice, GnuPG won't let you, because the key is revoked.
The question then becomes: how do you discover her new key?  If we had
a machine readable field, as I propose, GnuPG could tell you the new
key id and even automatically fetch it for you.  If we are using
signature cross checking, then GnuPG can't help the user, because the
new key is necessarily available locally.

Note: the trust model is not relevant here.  The issue of determining
the new key is only relevant insofar as the TOFU code can suppress
spurious conflict messages if it has this information.

Thanks,

:) Neal



Re: TOFU for GnuPG

2015-11-03 Thread Andre Heinecke
Hi,

On Tuesday 03 November 2015 16:34:39 you wrote:
> At Tue, 03 Nov 2015 16:10:24 +0100,
> 
> Andre Heinecke wrote:
> > Don't we need to lookup the new key anyway to make validity decisions?
> > Until then we assume "Unknown" trust.
> 
> In the verify case, yes.  But what about the sign case?  We just see
> that the old key has been revoked, but we don't know what the new key
> is.

I assume you mean the encrypt case (I don't see how this affects sign)? But
still I don't see a problem there. If you don't have a valid key to encrypt
to, you need to get a different key. How is the trust model involved in that?

Once you have that new key you can do the UID / Signature checks I suggested.


Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner



Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
At Tue, 3 Nov 2015 15:37:06 +,
MFPA wrote:
> On Tuesday 3 November 2015 at 3:29:02 PM, in
> , Neal H. Walfield wrote:
> 
> 
> > The bindings are between user id and key.  So, a new
> > binding will be created.
> 
> Will it flag up to the user that it is creating a new binding for a
> known key? Or will there only be a prompt in the case that the new uid
> matches one already stored in a binding to a different key?

It will only flag an error if there is a conflict.

Neal



Re: TOFU for GnuPG

2015-11-03 Thread MFPA

Hi


On Tuesday 3 November 2015 at 3:29:02 PM, in
, Neal H. Walfield wrote:


> The bindings are between user id and key.  So, a new
> binding will be created.

Will it flag up to the user that it is creating a new binding for a
known key? Or will there only be a prompt in the case that the new uid
matches one already stored in a binding to a different key?


-- 
Best regards

MFPA  

Of course it's a good idea - it's mine!


Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
At Tue, 03 Nov 2015 16:10:24 +0100,
Andre Heinecke wrote:
> Don't we need to lookup the new key anyway to make validity decisions? Until 
> then we assume "Unknown" trust.

In the verify case, yes.  But what about the sign case?  We just see
that the old key has been revoked, but we don't know what the new key
is.

Thanks,

:) Neal



Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
At Tue, 3 Nov 2015 15:18:57 +,
MFPA wrote:
> On Tuesday 3 November 2015 at 2:38:04 PM, in
> , Neal H. Walfield wrote:
> 
> 
> > In this case, we store the whole user id (lower cased).
> > Only if the user id is the empty string do we not store
> > a binding.
> 
> 
> How will TOFU react if a key for which bindings are already stored
> acquires a new UID?

The bindings are between user id and key.  So, a new binding will be
created.

Neal



Re: TOFU for GnuPG

2015-11-03 Thread MFPA

Hi


On Tuesday 3 November 2015 at 2:38:04 PM, in
, Neal H. Walfield wrote:


> In this case, we store the whole user id (lower cased).
> Only if the user id is the empty string do we not store
> a binding.


How will TOFU react if a key for which bindings are already stored
acquires a new UID?


-- 
Best regards

MFPA  

The trouble with words is that you never know whose mouths they've been in.


Re: TOFU for GnuPG

2015-11-03 Thread Andre Heinecke
Hi Neal,

On Tuesday 03 November 2015 15:57:05 Neal H. Walfield wrote:
> > I don't fully understand why you need formalized transition statements.
> > Couldn't you just treat Key / UIDs that are signed by each other as "two
> > valid keys for this UID"?
> > 
> > So when I transition to another key I just sign it with the old key and
> > GnuPG can detect that and not show a warning about it?
> > 
> > This would also solve the problem that some users may have multiple keys
> > with the same UID's which are both valid.
> 
> This could work if both keys are available locally.  If you need to
> look up the new key, this is not so easy.

Don't we need to lookup the new key anyway to make validity decisions? Until 
then we assume "Unknown" trust.

Well I can see that one of the features of Tofu is that Unknown trust should
no longer be presented to users but in that case we could add
auto-key-retrieve? :-)

> Another problem is that this assumes that the new key has the exact
> same user ids.  Oftentimes some emails will have been dropped or the
> person's name changed (e.g., marriage, new title, etc.).

You have lost me here. Why does it assume that? 

- I send you lots of mails as aheine...@intevation.de signed with C97822F5
- Now I send you once a mail as aheine...@intevation.de signed with 58BD45EC 

-> You can check if C97822F5 signed the User ID aheine...@intevation.de on key 
58BD45EC. It has. So you can assume the new Key is also valid for that UID.

Any new UID's on this key will have to be treated as first contact ID's. If the 
new key has less UID's I don't see a problem at all.

Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner



Re: TOFU for GnuPG

2015-11-03 Thread MFPA

Hi


On Friday 30 October 2015 at 12:09:51 PM, in
, Neal H. Walfield wrote:



> The user ids are used.  These are authoritative.  If
> there are N user ids, then N bindings are maintained.

Presumably if no user-id contains a readable email address, no binding
is stored at all.



-- 
Best regards

MFPA  

Reality is nothing but a collective hunch.


Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
Hi Andre,

At Fri, 30 Oct 2015 13:23:14 +0100,
Andre Heinecke wrote:
> On Thursday 29 October 2015 22:28:54 Neal H. Walfield wrote:
> > At Thu, 29 Oct 2015 18:48:43 +0100,
> > 
> > Johannes Zarl-Zierl wrote:
> > > Out of curiosity: Does the TOFU implementation for gpg already allow for
> > > key transition statements / is this planned for some point in the future?
> > Unfortunately, it doesn't.  This is because there is currently no
> > standard way to communicate the id of the new key.  I've proposed a
> > solution for this for the next OpenPGP version, which is currently
> > being worked on.  There appears to be some interest, but unfortunately I
> > haven't had time to work on that recently.
> 
> I don't fully understand why you need formalized transition statements.
> Couldn't you just treat Key / UIDs that are signed by each other as "two
> valid keys for this UID"?
> 
> So when I transition to another key I just sign it with the old key and GnuPG 
> can detect that and not show a warning about it?
> 
> This would also solve the problem that some users may have multiple keys with 
> the same UID's which are both valid.

This could work if both keys are available locally.  If you need to
look up the new key, this is not so easy.

Another problem is that this assumes that the new key has the exact
same user ids.  Oftentimes some emails will have been dropped or the
person's name changed (e.g., marriage, new title, etc.).

Thanks,

:) Neal



Re: TOFU for GnuPG

2015-11-03 Thread Neal H. Walfield
At Tue, 3 Nov 2015 14:32:56 +,
MFPA wrote:
> On Friday 30 October 2015 at 12:09:51 PM, in
> , Neal H. Walfield wrote:
> > The user ids are used.  These are authoritative.  If
> > there are N user ids, then N bindings are maintained.
> 
> Presumably if no user-id contains a readable email address, no binding
> is stored at all.

In this case, we store the whole user id (lower cased).  Only if the
user id is the empty string do we not store a binding.

Neal



Re: TOFU for GnuPG

2015-11-01 Thread Neal H. Walfield
Hi,

At Sun, 1 Nov 2015 10:50:33 +,
MFPA wrote:
> Another thought. New signatures from a key that has long been inactive
> may arouse suspicion. Perhaps it would be useful to output how long
> ago was the last message verified. For example:-
> 
> "66 messages signed over the past 3 years. The last was 1 year 10
> months ago."

This sounds like a good idea.  I'll add it.

Thanks,

:) Neal



Re: TOFU for GnuPG

2015-11-01 Thread MFPA

Hi


On Saturday 31 October 2015 at 8:27:09 PM, in
, Neal H. Walfield wrote:


> N is the number of unique signatures.  If you verify
> the message signature multiple times, it will only
> count once.

Cool.



> I'm sure we could do something like this, but it sounds
> like adding complexity, which doesn't seem justified.

Yes, it seemed like a great suggestion until I tried to construct in
my mind a way in which it would be useful. (I think the idea occurred
to me when I was reading the discussion about whether GnuPG logging
how often I received emails from a particular sender was problematic.)



Another thought. New signatures from a key that has long been inactive
may arouse suspicion. Perhaps it would be useful to output how long
ago was the last message verified. For example:-

"66 messages signed over the past 3 years. The last was 1 year 10
months ago."



-- 
Best regards

MFPA  

Always be on the lookout for conspicuousness


Re: TOFU for GnuPG

2015-10-31 Thread Neal H. Walfield
At Sat, 31 Oct 2015 11:57:05 +,
MFPA wrote:
> > First, some statistics are displayed, namely, that
> > we've verified 5 messages signed by this key in the
> > past last hour.
> 
> 
> Would it say the same if it were not five unique messages? For
> example, we read the same email five times and verified it each
> time.

N is the number of unique signatures.  If you verify the message
signature multiple times, it will only count once.

> And would an option to limit the time period make sense? Meaning that
> if the limit were set to X days, it would use the actual time period
> if shorter but only say how many messages were verified in the last X
> days if the binding were older. (Having thought this sounded like a
> good idea, I am struggling to think of a use case.)

I'm sure we could do something like this, but it sounds like adding
complexity, which doesn't seem justified.

Thanks,

:) Neal



Re: TOFU for GnuPG

2015-10-31 Thread MFPA

Hi


On Thursday 29 October 2015 at 2:06:51 PM, in
, Neal H. Walfield wrote:



> First, some statistics are displayed, namely, that
> we've verified 5 messages signed by this key in the
> past last hour.


Would it say the same if it were not five unique messages? For
example, we read the same email five times and verified it each
time.

And would an option to limit the time period make sense? Meaning that
if the limit were set to X days, it would use the actual time period
if shorter but only say how many messages were verified in the last X
days if the binding were older. (Having thought this sounded like a
good idea, I am struggling to think of a use case.)


-- 
Best regards

MFPA  

If at first you don't succeed, destroy all evidence that you tried.


Re: TOFU for GnuPG

2015-10-30 Thread Neal H. Walfield
At Fri, 30 Oct 2015 14:32:07 +,
MFPA wrote:
> On Friday 30 October 2015 at 11:51:27 AM, in
> , Neal H. Walfield wrote:
> 
> 
> > Sure.  But your point is a red herring.  There is
> > *currently* no way to do this.  However, the next
> > version of the OpenPGP spec should have a way to do
> > this.
> 
> My point was "there is already a way to do this: use signature
> notations". Is that a red herring?

It's not standardized.  Sure, GnuPG could use a particular notation
for this purpose, but we want interoperability, which is why this
should be standardized in RFC 4880bis.

Neal



Re: TOFU for GnuPG

2015-10-30 Thread MFPA

Hi


On Friday 30 October 2015 at 11:51:27 AM, in
, Neal H. Walfield wrote:


> Sure.  But your point is a red herring.  There is
> *currently* no way to do this.  However, the next
> version of the OpenPGP spec should have a way to do
> this.

My point was "there is already a way to do this: use signature
notations". Is that a red herring?


-- 
Best regards

MFPA  

Don't talk unless you can improve on the silence


Re: TOFU for GnuPG

2015-10-30 Thread MFPA

Hi


On Thursday 29 October 2015 at 2:06:51 PM, in
, Neal H. Walfield wrote:


> When you verify a
> message from some user for the first time, GnuPG saves
> the binding between the user id (actually, the
> normalized email address) and the key.

The email address in the user-id, or the email address the message
appears to come from?

If it's the email address in the user-id, what happens if the key has
multiple UIDs covering several email addresses? Or if the user-ids
contain no readable email addresses?



> When you verify
> another message from that user, the saved bindings with
> that user's address are retrieved.  If there is at
> least one such binding, but none of them include the
> signer's key, then either the signer is using a new key
> or someone is attacking you.  In this case, GnuPG
> displays a warning and prompts you to verify the key
> and set an appropriate policy (e.g., the key should be
> considered untrusted).

How does it handle a new signing sub-key?


-- 
Best regards

MFPA  

I would like to help you out. Which way did you come in?


Re: TOFU for GnuPG

2015-10-30 Thread Andre Heinecke
Hi,

On Thursday 29 October 2015 22:28:54 Neal H. Walfield wrote:
> At Thu, 29 Oct 2015 18:48:43 +0100,
> 
> Johannes Zarl-Zierl wrote:
> > Out of curiosity: Does the TOFU implementation for gpg already allow for
> > key transition statements / is this planned for some point in the future?
> Unfortunately, it doesn't.  This is because there is currently no
> standard way to communicate the id of the new key.  I've proposed a
> solution for this for the next OpenPGP version, which is currently
> being worked on.  There appears to be some interest, but unfortunately I
> haven't had time to work on that recently.

I don't fully understand why you need formalized transition statements. 
Couldn't you just treat Key / UIDs that are signed by each other as "two valid 
keys for this UID"?

So when I transition to another key I just sign it with the old key and GnuPG 
can detect that and not show a warning about it?

This would also solve the problem that some users may have multiple keys with 
the same UID's which are both valid.


Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner



Re: TOFU for GnuPG

2015-10-30 Thread Neal H. Walfield
At Fri, 30 Oct 2015 12:06:14 +,
MFPA wrote:
> On Thursday 29 October 2015 at 2:06:51 PM, in
> , Neal H. Walfield wrote:
> 
> 
> > When you verify a
> > message from some user for the first time, GnuPG saves
> > the binding between the user id (actually, the
> > normalized email address) and the key.
> 
> The email address in the user-id, or the email address the message
> appears to come from?
> 
> If it's the email address in the user-id, what happens if the key has
> multiple UIDs covering several email addresses? Or if the user-ids
> contain no readable email addresses?

The user ids are used.  These are authoritative.  If there are N user
ids, then N bindings are maintained.

> > When you verify
> > another message from that user, the saved bindings with
> > that user's address are retrieved.  If there is at
> > least one such binding, but none of them include the
> > signer's key, then either the signer is using a new key
> > or someone is attacking you.  In this case, GnuPG
> > displays a warning and prompts you to verify the key
> > and set an appropriate policy (e.g., the key should be
> > considered untrusted).
> 
> How does it handle a new signing sub-key?

The primary key is always used in the binding.

Thanks,

:) Neal
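
A simplified model of the binding rules described in this thread, as an added example that is not part of any message here and is not GnuPG's code. The names `binding_name` and `TofuStore`, the angle-bracket email extraction, and the fingerprints and signatures are constructed assumptions; recording nothing on a conflict is also an assumption (the thread only says GnuPG warns and prompts for a policy).

```python
import hashlib
import re


def binding_name(user_id):
    """Name a binding is stored under (assumed normalization).

    Per the thread: the email address from the user id, lower-cased; if the
    user id has no readable address, the whole user id lower-cased; an empty
    user id yields no binding (returned here as '').
    """
    uid = user_id.strip()
    match = re.search(r"<([^<>\s]+@[^<>\s]+)>", uid)
    return (match.group(1) if match else uid).lower()


class TofuStore:
    """Toy trust-on-first-use store keyed by (binding name, primary key)."""

    def __init__(self):
        # (name, primary fingerprint) -> {signature digest: time first verified}
        self._bindings = {}

    def verify(self, primary_fpr, user_ids, signature, now):
        """Record a verified signature and return {binding name: status}.

        primary_fpr is always the primary key's fingerprint, even when a
        signing subkey made the signature, so a new subkey is not a new key.
        One binding is kept per user id on the key (N user ids, N bindings).
        """
        digest = hashlib.sha256(signature).hexdigest()
        result = {}
        for uid in user_ids:
            name = binding_name(uid)
            if not name:
                continue  # empty user id: no binding is stored
            keys_for_name = {fpr for (n, fpr) in self._bindings if n == name}
            if keys_for_name and primary_fpr not in keys_for_name:
                # At least one binding exists for this name, none with the
                # signer's key: a new key or an attack. Needs a user decision.
                result[name] = "conflict"
                continue
            result[name] = "known" if keys_for_name else "new"
            seen = self._bindings.setdefault((name, primary_fpr), {})
            # Verifying the same signature again does not count twice.
            seen.setdefault(digest, now)
        return result

    def stats(self, name, primary_fpr):
        """Return (unique signatures, first verified, last verified)."""
        seen = self._bindings.get((name, primary_fpr), {})
        if not seen:
            return (0, None, None)
        return (len(seen), min(seen.values()), max(seen.values()))


def demo():
    """Run a constructed sequence of verifications and return the results."""
    key_a = "A" * 40  # constructed placeholder fingerprints
    key_b = "B" * 40
    store = TofuStore()
    steps = [
        store.verify(key_a, ["Alice <Alice@Example.org>", ""], b"sig-1", 1000),
        store.verify(key_a, ["Alice <Alice@Example.org>"], b"sig-1", 1100),
        # The known key gains a new user id: a new binding, no warning.
        store.verify(key_a, ["Alice <Alice@Example.org>", "alice@new.example"],
                     b"sig-2", 2000),
        # A different key claims an address that is already bound.
        store.verify(key_b, ["Alice <alice@example.org>"], b"sig-3", 3000),
    ]
    return steps, store.stats("alice@example.org", key_a)


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```
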



Re: TOFU for GnuPG

2015-10-30 Thread Neal H. Walfield
At Fri, 30 Oct 2015 11:43:28 +,
MFPA wrote:
> On Thursday 29 October 2015 at 9:28:54 PM, in
> , Neal H. Walfield wrote:
> 
> 
> 
> > Unfortunately, it doesn't.  This is because there is
> > currently no standard way to communicate the id of the
> > new key. I've proposed a solution for this
> 
> Wouldn't a signature notation (in a self-signature) be sufficient for
> this? Something like:-
> 
> new...@domain.example.com=[fingerprint]
> 
> And for key transition statements, perhaps a second notation:-
> 
> transitionstatem...@domain.example.com=[URL]

Sure.  But your point is a red herring.  There is *currently* no way
to do this.  However, the next version of the OpenPGP spec should have
a way to do this.

Neal



Re: TOFU for GnuPG

2015-10-30 Thread MFPA



On Thursday 29 October 2015 at 9:28:54 PM, in
, Neal H. Walfield wrote:



> Unfortunately, it doesn't.  This is because there is
> currently no standard way to communicate the id of the
> new key. I've proposed a solution for this

Wouldn't a signature notation (in a self-signature) be sufficient for
this? Something like:-

new...@domain.example.com=[fingerprint]

And for key transition statements, perhaps a second notation:-

transitionstatem...@domain.example.com=[URL]




-- 
Best regards

MFPA  

Versifiers write poems for it.


Re: TOFU for GnuPG

2015-10-30 Thread Werner Koch
On Thu, 29 Oct 2015 17:23, m...@dabpunkt.eu said:

> isn’t it a little bit problematic that GPG now logs how often I received
> emails by someone else?

Well, your MUA does it already.  The IMAP server of your provider also
has this information, and, worst of all, your responsible surveillance
agency has this information at their fingertips.  Protecting mail meta
data is pretty hard and close to impossible if you do not want to leave
traces on your local machine.  For high security areas Tofu is
definitely not an option.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




Re: TOFU for GnuPG

2015-10-29 Thread Neal H. Walfield
Hi Peter,

At Thu, 29 Oct 2015 19:57:29 +0100,
Peter Lebbing wrote:
> 
> On 29/10/15 17:23, Daniel Baur wrote:
> > isn’t it a little bit problematic that GPG now logs how often I received
> > emails by someone else?
> 
> I would think that in most situations, that is not a problem. If you
> exclusively use webmail, there isn't such a record directly on your
> computer's disk, but you also can't use GnuPG with webmail, AFAIK. If you
> use a regular e-mail program that works with GnuPG, that information is
> already on your disk and accessible to the user account you run it as, so
> duplicating that information in the GnuPG home directory adds nothing.
> 
> Do you know of a scenario where this information is not already available
> from the e-mail program? Even if the user deletes the mail after they read
> it, I wouldn't be at all surprised if this just marks the data as deleted
> rather than that it scrubs the data from the disk. This would muddy the
> statistics, but hardly be a security feature.

I think this mostly reflects our thinking.  Thanks for the good
summary.

FWIW, we have thought of aging the data or just storing the hash of
the most recent X signatures.  But, we decided to defer that
discussion until later since it should be easy to add on.

> Also, you could just disable TOFU if you're worried by it, but you would lose
> the functionality as well...
> 
> Maybe there's a use case for optionally not gathering these statistics if key
> validity is already established through the WoT. That way, if you want to keep
> the frequency of correspondence a secret, you could use the WoT to establish
> validity.
> 
> An option to not gather statistics for specific keys rather calls out those keys
> as interesting, and an option to disable the statistics for all TOFU keys seems
> like losing a very valuable tool in assessing which key is the One Key.

To keep the code simple, I'd prefer to avoid adding options that few
people will use and are of questionable utility.  In particular, I
think if someone's security requirements are such that having a list
of the hashes of previously seen messages is too big of a security
risk, then they should probably just disable TOFU.  Indeed, TOFU
itself probably violates their security requirements.

Thanks!

:) Neal



Re: TOFU for GnuPG

2015-10-29 Thread Neal H. Walfield
At Thu, 29 Oct 2015 18:48:43 +0100,
Johannes Zarl-Zierl wrote:
> Out of curiosity: Does the TOFU implementation for gpg already allow for key
> transition statements / is this planned for some point in the future?

Unfortunately, it doesn't.  This is because there is currently no
standard way to communicate the id of the new key.  I've proposed a
solution for this for the next OpenPGP version, which is currently
being worked on.  There appears to be some interest, but unfortunately I
haven't had time to work on that recently.

Thanks!

:) Neal



Re: TOFU for GnuPG

2015-10-29 Thread Johannes Zarl-Zierl
Hi Neal,

Thanks for the heads-up on this. TOFU seems like a really big feature for 
everyday use!

Out of curiosity: Does the TOFU implementation for gpg already allow for key 
transition statements / is this planned for some point in the future?

Cheers,
  Johannes





Re: TOFU for GnuPG

2015-10-29 Thread Peter Lebbing
On 29/10/15 17:23, Daniel Baur wrote:
> isn’t it a little bit problematic that GPG now logs how often I received
> emails by someone else?

I would think that in most situations, that is not a problem. If you exclusively
use webmail, there isn't such a record directly on your computer's disk, but you
also can't use GnuPG with webmail, AFAIK. If you use a regular e-mail program
that works with GnuPG, that information is already on your disk and accessible
to the user account you run it as, so duplicating that information in the GnuPG
home directory adds nothing.

Do you know of a scenario where this information is not already available from
the e-mail program? Even if the user deletes the mail after they read it, I
wouldn't be at all surprised if this just marks the data as deleted rather than
that it scrubs the data from the disk. This would muddy the statistics, but
hardly be a security feature.

Also, you could just disable TOFU if you're worried by it, but you would lose
the functionality as well...

Maybe there's a use case for optionally not gathering these statistics if key
validity is already established through the WoT. That way, if you want to keep
the frequency of correspondence a secret, you could use the WoT to establish
validity.

An option to not gather statistics for specific keys rather calls out those keys
as interesting, and an option to disable the statistics for all TOFU keys seems
like losing a very valuable tool in assessing which key is the One Key.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



Re: TOFU for GnuPG

2015-10-29 Thread Daniel Baur
Hello,
On 29.10.2015 at 15:06, Neal H. Walfield wrote:
> First, some
> statistics are displayed, namely, that we've verified 5 messages
> signed by this key in the past hour.

isn’t it a little bit problematic that GPG now logs how often I received
emails by someone else?

Sincerely,
DaB.





TOFU for GnuPG

2015-10-29 Thread Neal H. Walfield
Hi,

Last week, I checked in the TOFU code for GnuPG.  This code will be
part of the next release.  It would be great to get some additional
testing before this happens!


Background
----------

TOFU stands for Trust on First Use and is a concept that will be
familiar to anyone who regularly uses ssh.  When you ssh to a host for
the first time, ssh asks you to verify the host's key (most people
just say yes here).  When connecting to the same host in the future,
ssh checks that the key hasn't changed.  If it has, ssh displays a
warning.

TOFU for GnuPG works similarly.  When you verify a message from some
user for the first time, GnuPG saves the binding between the user id
(actually, the normalized email address) and the key.  When you verify
another message from that user, the saved bindings with that user's
address are retrieved.  If there is at least one such binding, but
none of them include the signer's key, then either the signer is using
a new key or someone is attacking you.  In this case, GnuPG displays a
warning and prompts you to verify the key and set an appropriate
policy (e.g., the key should be considered untrusted).

In contrast to the Web of Trust (WoT), TOFU's security guarantees are
rather weak.  When using the WoT correctly, you can have high
confidence that if GnuPG says a given key is controlled by a specific
user, then it probably is.  TOFU, on the other hand, is only able to
detect when the key associated with an email address has changed.  In
other words, TOFU detects inconsistencies.

Despite this, TOFU will be more secure than the WoT for most users in
practice.  This is because using the WoT requires a lot of effort.
First, you have to actively exchange fingerprints with other users and
sign their keys.  Most people can't be bothered to take the time to do
this.  Second, in order to actually use the WoT to verify keys that
you have not directly signed, you need to tell GnuPG how much you
trust other people to correctly verify the keys that they sign
(i.e., you need to set the owner trust).  In practice, even fewer
people do this.  But, even if you do do this, you can only confidently
set the owner trust for people that you've actually met.  Thus, the
WoT can only really be used to verify the keys of friends of friends.
This seriously limits the number of people you can securely
communicate with.

Happily you don't need to choose between TOFU and the WoT.  It is
possible to combine them using the tofu+pgp trust model.  In this
model, the trust level for a key under each model is computed and then
the maximum is taken according to the following ordering:

  unknown < undefined < marginal < fully < ultimate < expired < never

For users who want TOFU's ability to detect conflicts, but don't like
that TOFU assigns positive (marginal) trust to new keys without
prompting, it is possible to change the default policy to unknown or
to always prompt the user for the policy for new keys using the
--tofu-default-policy option.  When setting the default policy to
unknown, the WoT will be used for all trust judgments unless TOFU
detects a conflict.


How-to
------

In general, there is no reason to use the bare tofu model.  Instead,
tofu+pgp is the recommended model.  If you've never signed a key, then
this effectively degrades back to the tofu model.

To set the trust model to tofu+pgp, add the following to your
~/.gnupg/gpg.conf file:

  trust-model tofu+pgp

If you don't want TOFU to assign positive trust to new keys by
default, then you should also add the following to your gpg.conf file:

  tofu-default-policy unknown

These and a few other new options are described in detail in the
manual (search for tofu).


There isn't much more to do.

Verifying a message works as usual:

  $ gpg2 --verify EE37CF96-6.txt
  gpg: Signature made Fri 18 Sep 2015 03:16:17 PM CEST using RSA key ID EE37CF96
  gpg: Good signature from "Testing (insecure!)" [unknown]
  gpg: Verified 5 messages signed by "Testing (insecure!)" (key: 362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96, policy: auto) in the past 42 minutes, 59 seconds.
  gpg: Warning: if you think you've seen more than 5 message signed by this key, then this key might be a forgery!  Carefully examine the email address for small variations (e.g., additional white space).  If the key is suspect, then use 'gpg --tofu-policy bad "362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96"' to mark it as being bad.

Here, the only change is a few additional messages.  First, some
statistics are displayed, namely, that we've verified 5 messages
signed by this key in the past hour.  Further, a warning is
printed that the number of messages that we've verified is rather
small and we should be suspicious of this binding.  This information
is displayed to make it easier to recognize forged keys.

Unlike with ss