Re: Security of verifying gpg keys from internet key servers

2018-10-28 Thread Derek Martin
On Sun, Oct 28, 2018 at 11:39:37PM +1100, Ben McGinnes wrote:
> >> Well, verifying the identity of an unknown person with some server
> >> over the Internet is not very reliable, isn't it?
> > 
> > In what way? I think gnupg.net is a pretty secure source to look up
> > keys. There's no other way unless someone attaches/sends you their
> > key to import that I know about.
> 
> It shouldn't matter which server an OpenPGP key was obtained from, the
> security and/or validity of the key is maintained by the protocol's
> implementation.

IIRC this is *mostly* true--except that some versions (and some key
servers) support subkeys, while others do not, and this mismatch could
break verification.

But aside from that, and aside from signature-related bugs like what
we were just discussing in that other thread, verifying a message with
GPG proves, mathematically, that the message was sent by the person
whose key matches the key fingerprint indicated on the message.
Nothing more, nothing less.  It's up to you to confirm, either in
person or by "web of trust", that the key really belongs to the person
you think it does.

If you're not familiar with what the web of trust is, essentially it's
a mechanism that lets the user say, "I don't know who this person is
and I don't trust them, but I see that their key has been signed by my
good friends Jenny, Dave, and Robin, so I can assume the person really
is who they say they are."

This presumes that you know Jenny, Dave, and Robin, and know how
diligent they are about verifying keys, and trust that they actually
did verify the identity of the unknown person.  If you don't, you can
choose not to trust the key as well.

In-person verification generally takes the form of an exchange, in
person, of the two people's public keys (which often may have been
made available previously, electronically), the key fingerprint of
those keys, and if necessary (i.e. you don't know the person by sight)
inspecting some sort of official identification.  Then, assuming all
of those things match, particularly the fingerprint they gave you
matches the fingerprint PGP/GPG tells you the key has, you sign the
key via the command-line interface (or whatever), indicating your
level of trust of that key.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.
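
The fingerprint comparison step described in the message above, as an added example that is not part of the original post: it parses `gpg --with-colons --fingerprint` output and accepts a key only when the full primary-key fingerprint equals the one handed over in person. The sample output, the key, the user ID and the function names are all constructed for illustration.

```python
import re

# Constructed sample of `gpg --with-colons --fingerprint` output (not a real key).
SAMPLE_COLONS = """\
pub:-:4096:1:89ABCDEF01234567:1500000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1500000000::0000000000000000000000000000000000000000::Alice Example <alice@example.org>:
sub:-:4096:1:7654321011112222:1500000000::::::e:
fpr:::::::::FEDCBA9876543210FEDCBA987654321011112222:
"""


def normalize_fingerprint(text):
    """Drop spaces, colons and a leading 0x; insist on a full 40-hex-digit (v4) fingerprint."""
    cleaned = re.sub(r"[\s:]", "", text).upper()
    if cleaned.startswith("0X"):
        cleaned = cleaned[2:]
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):
        raise ValueError("expected a full 40-hex-digit fingerprint, not a key ID")
    return cleaned


def primary_keys(colons_output):
    """Map each primary-key fingerprint to its user IDs; subkey fpr records are ignored."""
    keys, current, last_key_record = {}, None, None
    for line in colons_output.splitlines():
        fields = line.split(":")
        if fields[0] in ("pub", "sub"):
            last_key_record = fields[0]
        elif fields[0] == "fpr" and len(fields) > 9:
            if last_key_record == "pub":  # fpr directly after pub = primary key
                current = fields[9].upper()
                keys[current] = []
            last_key_record = None
        elif fields[0] == "uid" and current and len(fields) > 9:
            keys[current].append(fields[9])
    return keys


def verify_exchanged_fingerprint(colons_output, exchanged):
    """Return the key's user IDs if its primary fingerprint matches, else None."""
    return primary_keys(colons_output).get(normalize_fingerprint(exchanged))
```

A subkey fingerprint or a truncated key ID is deliberately not accepted as a match; only the primary key's full fingerprint identifies the key being signed.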



Re: Security of verifying gpg keys from internet key servers

2018-10-28 Thread Ben McGinnes
On Mon, Aug 13, 2018 at 09:54:54PM +0100, David Woodfall wrote:
> On Monday 13 August 2018 20:22,
> Matthias Apitz put forth the proposition:
>> On Monday, 13 August 2018 18:59:38 CEST, David Woodfall
>>>
>>>> Dave, do you verify gnuPG keys/signs on the fly? Is this secure?
>>>> Thx
>>>
>>> Mutt does it automatically. I don't know why it wouldn't be secure.
>>>
>>
>> Well, verifying the identity of an unknown person with some server
>> over the Internet is not very reliable, isn't it?
> 
> In what way? I think gnupg.net is a pretty secure source to look up
> keys. There's no other way unless someone attaches/sends you their
> key to import that I know about.

It shouldn't matter which server an OpenPGP key was obtained from, the
security and/or validity of the key is maintained by the protocol's
implementation.  Verifying that a key belongs to a particular person
always requires some form of out-of-band checking; hence in person
meetups to do so.

The entire web of trust concept was developed specifically to federate
trust; that is, to move the control of trust from any server to each
user.  While the cryptographic strength of the protocol and any
implementation of it ensures that each user's control of their key is
absolute (with the usual caveats regarding five dollar wrenches and/or
an abundance of rubber hoses).

Anyway, keys.gnupg.net is synchronised with the SKS keyserver pool,
though it also has some extra features, including the new Web Key
Directory service.  WKD support can be compiled in with current
versions of GPG using the "--enable-wks-tools" flag with the configure
step.  Then gpg will be able to use the "--locate-keys" flag in place
of the "--search-keys" flag; then it will check the local key store,
followed by the WKD protocol, followed by the SKS keyservers.

WKD is still considered a little experimental, but it's ultimately
intended to help move key distribution back out to domains without
requiring running a full keyserver in the process.  It's also intended
to provide more tuned control over user data stored on keys and what
people can search for (e.g. serving different user IDs from different
domains, yet still maintaining the one key).


Regards,
Ben

