gabriel rosenkoetter on Thu, 6 Mar 2003 11:55:05 -0500



Re: [PLUG] PGP keysigning aftermath


On Thu, Mar 06, 2003 at 10:23:56AM -0500, Michael Leone wrote:
> Oh? I had received 2 new keys, which I put into the keyring. I got another
> one at like 6PM last night. (as a side note, sending me a key less than an
> hour before a meeting you want to be keysigned at ... is not enough
> notice. :-) I will add you in, tho, and you can get signed at the next
> keysigning.

Sure, but doing keysigning the way we've been doing it is getting to
be pretty unmanageable.

Jeff would like to just have everyone's keys in a file, run SHA1 on
that, compare the checksum you see at the meeting with one you
compute yourself on the same file, and know that everyone's
signature matches up. I think there are some serious failings with
that plan:

- Everyone involved had really better understand how it works, or
  they're liable to do it wrong.
- Latecomers are completely screwed.
- The uniqueness of SHA1 is still open to comment. We're already
  trusting it once for the fingerprints; maybe we'd rather not trust
  it again for this.
- An error in ANY key aborts the whole keysigning for everyone.

Problems with our current plan are similar:

- Latecomers: screwed.
- If you don't understand the process, you've got a good chance of
  doing it wrong. Like say last night when one participant blithely
  read his fingerprint from the sheet of paper I provided without
  first verifying it.
- It takes an inordinate amount of time. Having each user verify
  their key fingerprint on the sheet of paper we hand out would make
  this easier, but this leaves it open for people to connect from
  someone else's laptop or USIP's computers to their own machines to
  check their fingerprint. That's not a good idea, for what I hope are
  obvious reasons.

I would much prefer this approach:

- Participants bring their own key fingerprint printouts. Ideally
  using gpg-key2ps[1].
- Either:
  - Each person meets with each other person, exchanges key2ps
    slips, checks each others' ID, discusses the ways in which
    they'd like their signatures returned, then moves on to another
    pairing.
  Or:
  - Each person starts their photo ID around the circle, then walks
    around individually distributing key2ps slips to each person.
  I'm in favor of the first version, as it completely avoids the
  only potential pitfall (passing a stack of one person's key2ps
  slips from one person to the next, which lets anyone along the way
  replace the strips with their own in an effort to compromise the
  system).

I like this approach best because:

- No special knowledge is required. "Don't let someone else prove
  your identity for you," maybe, but that's something you should know
  anyway and it's certainly plenty present in the other approaches.
- It's more social. Instead of standing silent speaking one at a
  time, everyone gets to have a brief conversation with everyone
  else.
- Latecomers: NOT screwed. As long as they bring their fingerprint
  printout.
- It happens FASTER. Even if we still do the circle approach,
  there's no "listening and verifying fingerprint" step, there's just
  checking the ID and taking the owner-endorsed slip of paper home
  with you to verify there.
- One bad fingerprint is just that, one bad fingerprint. Nothing
  breaks down based on it.
- No maintenance of a PLUG keyring (which seems to include some
  random signing-only keys from CERT and Microsoft right now...
  any reason for that?) is necessary, though it doesn't hurt.[2]

Thoughts?

> Who else was involved?

Don't recall; I left gpg-key2ps slips at home. One was Rita Cressy,
who was included in the keyring, but also had key2ps strips, which
we used since it took less time for her to hand each person one than
to read out her fingerprint and it could happen at the same time as
her photo ID was going around.

[1] apt-get yourself the signing-party package if you're using
Debian. I'll be making a NetBSD package some time soon. The rest
of you, start from:
  http://packages.debian.org/unstable/misc/signing-party.html.
(I don't see that you can get gpg-key2ps anywhere else, which is
kind of a drag, since I don't really want the keymailer portion of
it.)

[2] ... but I'd much RATHER have a PLUG-only keyserver. Running
something *other* than pksd. And I'm still glad to run that on one
of my machines, but am not liable to have the time to set it up till
after March.

-- 
gabriel rosenkoetter
gr@eclipsed.net

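An added illustration of the two verification models the message compares (this is not code from the thread or from the signing-party package): per-participant fingerprint slips checked against the key as received, versus one SHA1 over the whole keyring file. The key packets, names and modulus values below are constructed dummies, not real keys; the fingerprint computation follows the OpenPGP v4 rule and the slip layout imitates gpg's fingerprint output.

```python
"""Per-key slip checks vs. a whole-keyring SHA1 checksum (constructed example)."""
import hashlib
import struct


def public_key_packet(created: int, n: int, e: int = 65537) -> bytes:
    """Body of a constructed OpenPGP v4 RSA public-key packet (version, time, algo, MPIs)."""
    def mpi(x: int) -> bytes:
        return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """OpenPGP v4 fingerprint: SHA1 over 0x99, the two-byte body length, then the body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def slip_text(fp: str) -> str:
    """Lay the 40 hex digits out as gpg prints them: ten groups of four, double space mid-way."""
    groups = [fp[i:i + 4] for i in range(0, 40, 4)]
    return " ".join(groups[:5]) + "  " + " ".join(groups[5:])


def slip_matches(slip: str, body: bytes) -> bool:
    """Compare an owner-endorsed slip (spacing and case ignored) with the key you actually hold."""
    return "".join(slip.split()).upper() == v4_fingerprint(body)


def keyring_sha1(bodies) -> str:
    """The whole-file approach: a single SHA1 over the concatenated keyring."""
    return hashlib.sha1(b"".join(bodies)).hexdigest()


def check_party(slips: dict, keyring: dict) -> dict:
    """Per-participant result: a bad key fails on its own, everyone else still verifies."""
    return {name: slip_matches(slips[name], keyring[name]) for name in slips}


# Constructed dummy keys with tiny moduli (NOT real keys); the last one is
# "bob" as it might arrive corrupted or replaced on the way into the keyring.
KEY_ALICE = public_key_packet(1046951135, n=0xC3F1B9D2E7A54F1B)
KEY_BOB = public_key_packet(1046951200, n=0xD8A2B4F6E0C1A3B5)
KEY_BOB_BAD = public_key_packet(1046951200, n=0xD8A2B4F6E0C1A3B6)

if __name__ == "__main__":
    slips = {"alice": slip_text(v4_fingerprint(KEY_ALICE)),
             "bob": slip_text(v4_fingerprint(KEY_BOB))}
    print(check_party(slips, {"alice": KEY_ALICE, "bob": KEY_BOB_BAD}))
    print(keyring_sha1([KEY_ALICE, KEY_BOB]) == keyring_sha1([KEY_ALICE, KEY_BOB_BAD]))
```

With the slips, only bob's entry fails; with the single checksum, the one altered key changes the whole-file SHA1 and nobody's comparison succeeds.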