Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-28 Thread Jeff Mitchell 

On 7/27/2016 6:01 AM, Thomas Pfeiffer wrote:

On 27.07.2016 00:17, Jeff Mitchell wrote:


I would avoid reading much, if anything at all, into what Boudhayan
wrote, both from the perspective of the sysadmin team and even
Boudhayan himself.

--Jeff


I don't see any "reading into" in any of the replies so far. People have
just reacted to things that Boudhayan wrote very explicitly in his email.

Pretty bad things could be "read into" that email easily, if one wanted
to. I'm glad nobody did that, we've had enough drama on this list in
recent months.
I don't see why we should avoid reacting to what was explicitly said,
though, and that's what people did.


The email wasn't GPG-signed, so you can't trust or believe anything that 
was in it.


--Jeff
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-27 Thread Boudhayan Gupta 
Hi Harald,

On 27 July 2016 at 15:36, Harald Sitter  wrote:
> +1
>
> If it helps the cause I'll fly around the world on my own dime and
> web-up everyone in the sysadmin team who otherwise doesn't go to KDE
> meetups so you have at least one link that connects you to the rest of
> the world. I haven't had a proper vacation in years anyway ;)

I'm going to take you up on that. Would you like to see the Taj Mahal? :P

-- Boudhayan

>
> On Tue, Jul 26, 2016 at 11:46 PM, Ingo Klöcker  wrote:
>> On Tuesday 26 July 2016 16:01:15 Luigi Toscano wrote:
>>> On Tuesday, 26 July 2016 19:25:25 CEST Boudhayan Gupta wrote:
>>> > 2) GPG doesn't simply encrypt the email, but also digitally signs
>>> > it.
>>> > Signatures are required to prove the authenticity of the email, and
>>> > to detect if it was tampered with. However, given our email
>>> > infrastructure, a GPG signature is meaningless. Anyone can create a
>>> > GPG key, encrypt the email and send it out. To trust the public key,
>>> > it would have to be either (a) distributed in a trustable way, which
>>> > brings us to the same sitation as the SSH host key, (b) signed by
>>> > another trusted entity (a person), after a face-to-face meeting, or
>>> > (c) signed by members of a web of trust (which recursively requires
>>> > one of (a) and (b)). Given we live in such physically diverse
>>> > location (in fact, Ben lives in New Zealand; meeting enough KDE
>>> > contributors face to face willing to sign his key is prohibitvely
>>> > time, effort and finance consuming). If you can't establish trust
>>> > of a GPG public key, the signature is meaningless.
>>>
>>> I strongly disagree with this. While it is complicated in Ben's case,
>>> we had GPG signing party at the past Akademy and we can rebuild the
>>> web of trust. Debian works like this. We can have one at the QtCon
>>> (with also people from other communities including FSFE). So
>>> *signing* the announcement emails should not be discouraged like it
>>> is in this email.
>>
>> I very much agree with Luigi. IMHO, OpenPGP signatures are the most
>> trustworthy kind of proof of authenticity (provided the key fingerprint
>> has been verified in a way that's as secure as a face-to-face meeting
>> and that the key's owner takes good care of her key).
>>
>>
>> I disagree that it's difficult for the admin team to verify and then
>> sign Ben key. For example, I think that this could be done via a voice
>> chat provided the admin team regularly does voice chats and therefore
>> recognizes Ben's voice. I don't care whether Ben's really called Ben and
>> lives in New Zealand. All that I care for is that the admin known to us
>> as Ben has sent the announcement with the new server fingerprint. And
>> this I could have asserted easily, if the admin team would have cross-
>> signed their OpenPGP keys and I would have verified the OpenPGP keys of
>> one, or better two, admin in a keysigning meeting, e.g. at Akademy.
>>
>>
>> I agree that encrypting the public information about the server
>> fingerprint would not have made any sense, but I guess that the people
>> who complained actually wanted the message to be signed rather than be
>> encrypted. OTOH, claiming that "GPG encryption is fundamentally broken"
>> is unacceptable. GPG encryption is anything but broken (if it's used in
>> the right way, i.e. to encrypt information exchanged between parties who
>> have verified their OpenPGP key).
>>
>>
>> Regards,
>> Ingo
>>
>> ___
>> kde-community mailing list
>> kde-community@kde.org
>> https://mail.kde.org/mailman/listinfo/kde-community
> ___
> kde-community mailing list
> kde-community@kde.org
> https://mail.kde.org/mailman/listinfo/kde-community
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-27 Thread Thomas Pfeiffer 

On 27.07.2016 00:17, Jeff Mitchell wrote:

I would avoid reading much, if anything at all, into what Boudhayan wrote, 
both from the perspective of the sysadmin team and even Boudhayan himself.


--Jeff


I don't see any "reading into" in any of the replies so far. People have just 
reacted to things that Boudhayan wrote very explicitly in his email.


Pretty bad things could be "read into" that email easily, if one wanted to. I'm 
glad nobody did that, we've had enough drama on this list in recent months.
I don't see why we should avoid reacting to what was explicitly said, though, 
and that's what people did.


___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-26 Thread Sandro Knauß 
Hey,

> I strongly disagree with this. While it is complicated in Ben's case, we had
> GPG signing party at the past Akademy and we can rebuild the web of trust.
> Debian works like this. We can have one at the QtCon (with also people from
> other communities including FSFE). So *signing* the announcement emails
> should not be discouraged like it is in this email.

+1 

For me DKIM is another layer of security. GPG encryption doesn't help anything 
is order of verifiing it, that is correct. But I think all others mean GPG 
signatures. GPG Signatures are created at the sending computer, so with a GPG 
signed mail I can be sure, that the mail was not touched my anyone. DKIM 
starts with the first mailserver that supports DKIM. Nobody guarantees, that 
the senders mailserver is trustworthy. 

@Boudhayan: Only with this this longer explainations I can understand, that 
the mail shouldn't be tampered in between. But keep in mind that every 
mailserver and send a mail with a fake sender mailadress and have valid DKIM. 
So you would also need to verify SPF/SRS...

In the end GPG signatures would help, because they can also been used as TOFU 
(trust on first use). I trust the gpg keys I get first for a mailadress, 
together with the informations, that I know, that you used your key multiple 
times for sending and never complains, that the key is wrong gives also a 
strong security. With a key signing party we can raise the security level 
additionally.

regards,

sandro

signature.asc
Description: This is a digitally signed message part.
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-26 Thread Jeff Mitchell 
I would avoid reading much, if anything at all, into what Boudhayan 
wrote, both from the perspective of the sysadmin team and even Boudhayan 
himself.


--Jeff

On 7/26/2016 5:46 PM, Ingo Klöcker wrote:

On Tuesday 26 July 2016 16:01:15 Luigi Toscano wrote:

On Tuesday, 26 July 2016 19:25:25 CEST Boudhayan Gupta wrote:

2) GPG doesn't simply encrypt the email, but also digitally signs
it.
Signatures are required to prove the authenticity of the email, and
to detect if it was tampered with. However, given our email
infrastructure, a GPG signature is meaningless. Anyone can create a
GPG key, encrypt the email and send it out. To trust the public key,
it would have to be either (a) distributed in a trustable way, which
brings us to the same sitation as the SSH host key, (b) signed by
another trusted entity (a person), after a face-to-face meeting, or
(c) signed by members of a web of trust (which recursively requires
one of (a) and (b)). Given we live in such physically diverse
location (in fact, Ben lives in New Zealand; meeting enough KDE
contributors face to face willing to sign his key is prohibitvely
time, effort and finance consuming). If you can't establish trust
of a GPG public key, the signature is meaningless.


I strongly disagree with this. While it is complicated in Ben's case,
we had GPG signing party at the past Akademy and we can rebuild the
web of trust. Debian works like this. We can have one at the QtCon
(with also people from other communities including FSFE). So
*signing* the announcement emails should not be discouraged like it
is in this email.


I very much agree with Luigi. IMHO, OpenPGP signatures are the most
trustworthy kind of proof of authenticity (provided the key fingerprint
has been verified in a way that's as secure as a face-to-face meeting
and that the key's owner takes good care of her key).


I disagree that it's difficult for the admin team to verify and then
sign Ben key. For example, I think that this could be done via a voice
chat provided the admin team regularly does voice chats and therefore
recognizes Ben's voice. I don't care whether Ben's really called Ben and
lives in New Zealand. All that I care for is that the admin known to us
as Ben has sent the announcement with the new server fingerprint. And
this I could have asserted easily, if the admin team would have cross-
signed their OpenPGP keys and I would have verified the OpenPGP keys of
one, or better two, admin in a keysigning meeting, e.g. at Akademy.


I agree that encrypting the public information about the server
fingerprint would not have made any sense, but I guess that the people
who complained actually wanted the message to be signed rather than be
encrypted. OTOH, claiming that "GPG encryption is fundamentally broken"
is unacceptable. GPG encryption is anything but broken (if it's used in
the right way, i.e. to encrypt information exchanged between parties who
have verified their OpenPGP key).


Regards,
Ingo



___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community


___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-26 Thread Ingo Klöcker 
On Tuesday 26 July 2016 16:01:15 Luigi Toscano wrote:
> On Tuesday, 26 July 2016 19:25:25 CEST Boudhayan Gupta wrote:
> > 2) GPG doesn't simply encrypt the email, but also digitally signs
> > it.
> > Signatures are required to prove the authenticity of the email, and
> > to detect if it was tampered with. However, given our email
> > infrastructure, a GPG signature is meaningless. Anyone can create a
> > GPG key, encrypt the email and send it out. To trust the public key,
> > it would have to be either (a) distributed in a trustable way, which
> > brings us to the same sitation as the SSH host key, (b) signed by
> > another trusted entity (a person), after a face-to-face meeting, or
> > (c) signed by members of a web of trust (which recursively requires
> > one of (a) and (b)). Given we live in such physically diverse
> > location (in fact, Ben lives in New Zealand; meeting enough KDE
> > contributors face to face willing to sign his key is prohibitvely
> > time, effort and finance consuming). If you can't establish trust
> > of a GPG public key, the signature is meaningless.
> 
> I strongly disagree with this. While it is complicated in Ben's case,
> we had GPG signing party at the past Akademy and we can rebuild the
> web of trust. Debian works like this. We can have one at the QtCon
> (with also people from other communities including FSFE). So
> *signing* the announcement emails should not be discouraged like it
> is in this email.

I very much agree with Luigi. IMHO, OpenPGP signatures are the most 
trustworthy kind of proof of authenticity (provided the key fingerprint 
has been verified in a way that's as secure as a face-to-face meeting 
and that the key's owner takes good care of her key).


I disagree that it's difficult for the admin team to verify and then 
sign Ben key. For example, I think that this could be done via a voice 
chat provided the admin team regularly does voice chats and therefore 
recognizes Ben's voice. I don't care whether Ben's really called Ben and 
lives in New Zealand. All that I care for is that the admin known to us 
as Ben has sent the announcement with the new server fingerprint. And 
this I could have asserted easily, if the admin team would have cross-
signed their OpenPGP keys and I would have verified the OpenPGP keys of 
one, or better two, admin in a keysigning meeting, e.g. at Akademy.


I agree that encrypting the public information about the server 
fingerprint would not have made any sense, but I guess that the people 
who complained actually wanted the message to be signed rather than be 
encrypted. OTOH, claiming that "GPG encryption is fundamentally broken" 
is unacceptable. GPG encryption is anything but broken (if it's used in 
the right way, i.e. to encrypt information exchanged between parties who 
have verified their OpenPGP key).


Regards,
Ingo


signature.asc
Description: This is a digitally signed message part.
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] KDE Sysadmin and GPG Encryption

2016-07-26 Thread Luigi Toscano 
On Tuesday, 26 July 2016 19:25:25 CEST Boudhayan Gupta wrote:
> 2) GPG doesn't simply encrypt the email, but also digitally signs it.
> Signatures are required to prove the authenticity of the email, and to
> detect if it was tampered with. However, given our email
> infrastructure, a GPG signature is meaningless. Anyone can create a
> GPG key, encrypt the email and send it out. To trust the public key,
> it would have to be either (a) distributed in a trustable way, which
> brings us to the same sitation as the SSH host key, (b) signed by
> another trusted entity (a person), after a face-to-face meeting, or
> (c) signed by members of a web of trust (which recursively requires
> one of (a) and (b)). Given we live in such physically diverse location
> (in fact, Ben lives in New Zealand; meeting enough KDE contributors
> face to face willing to sign his key is prohibitvely time, effort and
> finance consuming). If you can't establish trust of a GPG public key,
> the signature is meaningless.

I strongly disagree with this. While it is complicated in Ben's case, we had 
GPG signing party at the past Akademy and we can rebuild the web of trust. 
Debian works like this. We can have one at the QtCon (with also people from 
other communities including FSFE). So *signing* the announcement emails should 
not be discouraged like it is in this email.

-- 
Luigi
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

[kde-community] KDE Sysadmin and GPG Encryption

2016-07-26 Thread Boudhayan Gupta 
Hi all,

After an email was sent to all developers with commit access on the
kde-cvs-announce mailing list with the new SSH host keys of the
machine, we've received complaints that the email contained sensitive
information and was not GPG encrypted.

We would like to say that GPG-encrypting the email would not have
added anything to the security of the email, and would have simply
been an added hassle. Because of the way GPG encryption is
fundamentally broken, we will *not* be encrypting any emails sent out
by us with GPG. A more detailed explanation follows.

1) The keys that we sent out were *public* keys. In asymmetric
cryptography, public keys are called public keys because they can be
known by the world - in fact, they *have* to be known by the world. In
simple terms, the public key is used to encrypt data; the private key
is used to decrypt data. Anyone can encrypt data and send it to
someone, but the recipient must have the private key in order to be
able to decrypt and read it. The private key is the key that has to be
kept secure, not the public key. There is no loss of security if the
public keys are disclosed. Therfore, encrypting the email to hide the
key from unintended recipients has no use.

2) GPG doesn't simply encrypt the email, but also digitally signs it.
Signatures are required to prove the authenticity of the email, and to
detect if it was tampered with. However, given our email
infrastructure, a GPG signature is meaningless. Anyone can create a
GPG key, encrypt the email and send it out. To trust the public key,
it would have to be either (a) distributed in a trustable way, which
brings us to the same sitation as the SSH host key, (b) signed by
another trusted entity (a person), after a face-to-face meeting, or
(c) signed by members of a web of trust (which recursively requires
one of (a) and (b)). Given we live in such physically diverse location
(in fact, Ben lives in New Zealand; meeting enough KDE contributors
face to face willing to sign his key is prohibitvely time, effort and
finance consuming). If you can't establish trust of a GPG public key,
the signature is meaningless.

3) We have a much stronger way of establishing the authenticity of the
email: DKIM. Both GMail and the KDE email servers publish DKIM public
keys through their DNS servers, and digitally sign every mail with a
DKIM signature. All major webmail providers and email clients *verify*
said DKIM signature automatically, and if it doesn't match, sends it
directly to Spam, with a visible warning saying the DKIM signature
could not be verified. You can inspect the headers of the email to be
sure it originated from a KDE server, and verify the DKIM signature to
authenticate the email.

4) The kde-cvs-announce email ID, in particular, is very secure. All
emails sent through that list have to be manually authorised. A random
person with the ability to send emails through KDE Postbox cannot
simply send an email as kde-cvs-announce.

5) If you don't trust your DNS provider and suspect that the DKIM
public key that you get via DNS has been tampered with, you can
independently verify it from our DNS server configuration, either by
resolving against byte.kde.org, or from the git repo at
git://anongit.kde.org/sysadmin/dns.git

As your system administrators, we take good care to ensure our systems
are not compromised, and the authenticity of our servers and messages
can always be verified. In between all the members of our team, we
have significant practical experience securing servers. I personally
have an academic interest in cryptography and information security,
especially in provable security. Importantly, this means we *know*
what cryptographic measures actually add to the security of our
systems, and which cryptographic measures only act to calm the
paranoid while adding absolutely no amount of additional security (and
this can be quantified, measured and mathematically verified, mind) to
our systems. We will do everything we can to improve our systems re.
the former point, but we will not implement any measure that simply
serve the latter point.

Thanks,
Boudhayan Gupta
KDE Sysadmin
___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community