| gabriel rosenkoetter on Thu, 6 Mar 2003 11:55:05 -0500 |
|
On Thu, Mar 06, 2003 at 10:23:56AM -0500, Michael Leone wrote:
> Oh? I had received 2 new keys, which I put into the keyring. I got another
> one at like 6PM last night. (as a side note, sending me a key less than an
> hour before a meeting you want to be keysigned at ... is not enough
> notice. :-) I will add you in, tho, and you can get signed at the next
> keysigning.
Sure, but doing keysigning the way we've been doing it is getting to
be pretty unmanageable.
Jeff would like to just have everyone's keys in a file, run SHA1 on
that, compare the checksum you see at the meeting with one you
compute yourself on the same file, and know that everyone's
signature matches up. I think there are some serious failings with
that plan:
- Everyone involved had really better understand how it works, or
they're liable to do it wrong.
- Latecomers are completely screwed.
- The uniqueness of SHA1 is still open to comment. We're already
trusting it once for the fingerprints; maybe we'd rather not trust
it again for this.
- An error in ANY key aborts the whole keysigning for everyone.
Problems with our current plan are similar:
- Latecomers: screwed.
- If you don't understand the process, you've got a good chance of
doing it wrong. Like say last night when one participant blithely
read his fingerprint from the sheet of paper I provided without
first verifying it.
- It takes an inordinate amount of time. Having each user verify
their key fingerprint on the sheet of paper we hand out would make
this easier, but this leaves it open for people to connect from
someone else's laptop or USIP's computers to their own machines to
check their fingerprint. That's not a good idea, for what I hope are
obvious reasons.
I would much prefer this approach:
- Participants bring their own key fingerprint printouts. Ideally
using gpg-key2ps[1].
- Either:
- Each person meets with each other person, exchanges key2ps
slips, checks each others' ID, discusses the ways in which
they'd like their signatures returned, then moves on to another
pairing.
Or:
- Each person starts their photo ID around the circle, then walks
around individually distributing key2ps slips to each person.
I'm in favor of the first version, as it completely avoids the
only potential pitfall (passing a stack of one person's key2ps
slips from one person to the next, which lets anyone along the way
replace the strips with their own in an effort to compromise the
system).
I like this approach best because:
- No special knowledge is required. "Don't let someone else prove
your identity for you," maybe, but that's something you should know
anyway and it's certainly plenty present in the other approaches.
- It's more social. Instead of standing silent speaking one at a
time, everyone gets to have a brief conversation with everyone
else.
- Latecomers: NOT screwed. As long as they bring their fingerprint
printout.
- It happens FASTER. Even if we still do the circle approach,
there's no "listening and verifying fingerprint" step, there's just
checking the ID and taking the owner-endorsed slip of paper home
with you to verify there.
- One bad fingerprint is just that, one bad fingerprint. Nothing
breaks down based on it.
- No maintenance of a PLUG keyring (which seems to include some
random signing-only keys from CERT and Micrsoft right now...
any reason for that?) is necessary, though it doesn't hurt.[2]
Thoughts?
> Who else was involved?
Don't recall; I left gpg-key2ps slips at home. One was Rita Cressy,
who was included in the keyring, but also had key2ps strips, which
we used since it took less time for her to hand each person one that
to read out her fingerprint and it could happen at the same time as
her photo ID was going around.
[1] apt-get yourself the signing-party package if you're using
Debian. I'll be making a NetBSD package some time soon. The rest
of you, start from:
http://packages.debian.org/unstable/misc/signing-party.html.
(I don't see that you can get gpg-key2ps anywhere else, which is
kind of a drag, since I don't really want the keymailer portion of
it.)
[2] ... but I'd much RATHER have a PLUG-only keyserver. Running
something *other* than pksd. And I'm still glad to run that on one
of my machines, but am not liable to have the time to set it up till
after March.
--
gabriel rosenkoetter
gr@eclipsed.net
Attachment:
pgpOYQSEIHTr7.pgp
|
|