[kwlug disc.] gpg / pgp key signing

Bob Jonkman bjonkman at sobac.com
Sun Dec 3 23:17:06 EST 2006 

This is what Chris Frey <kwlug-disc at kwlug.org> said
about "Re: [kwlug disc.] gpg / pgp key sig" on 3 Dec 2006 at 2:34

> On Sun, Dec 03, 2006 at 12:18:14AM -0500, Bob Jonkman wrote:
> > Richard Weait said:
> > 
> > > *Two* pieces of gov't issue photo ID preferred.
> > 
> > Why?  The whole point of creating a "Web of trust" is to remove 
> > hierarchical key signing authority [...]
 
> I was thinking similar things when I read this, but I didn't want to
> wax lyrical about politics anymore than I already have lately. :-)
> So I kept quiet.

I should probably do more of that...  :-)


> But I think it's more of a shortcut for expediency.  I'd imagine most
> people in the KWLUG will be using GPG keys connected with their real world
> identities. 

Very true.  And even the Toronto Cypherpunks keysignings in which I've participated have used 
govenment issued ID.  I really just wanted to point out that it's not necessary, and that keys 
signed without government ID are still perfectly valid.  


> The only meaning the key will have for them is if it is strongly
> tied to who they really are.

That's an easy concept to misunderstand -- When I sign a key I show that I trust that key is 
associated with the identifier for that key, for example that the key with KeyID 0xAE33E989  and a 
fingerprint of 9FAF A6AC B567 BC10 8973 7CF0 CB27 0317 is associated with bjonkman at sobac.com.  It 
isn't supposed to prove an identity in meatspace, although for people who already know who I am 
and who know that I write under bjonkman at sobac.com can also make the inference that the key with 
KeyID 0xAE33E989 is used by me.  (Exercise for the reader: Google 0xAE33E989) 

To quote from Richard Outerbridge at the first Toronto Cypherpunks keysigning: "The object of the 
[keysigning] exercise is to be able to say to yourself later that at a particular place and time a 
previously unknown individual was able to convince you that they were the legitimate holder of a 
particular keyid and signature combination."

Keys don't need to be associated with a person at all.  For example, kwlug.org could have a key to 
be used for signing meeting announcements or the monthly fishbowl audit report.  A key could be 
associated with a process, for example the mailing list software could have its own key.  A key 
could be associated with an event, for example the Toronto Cypherpunks issued a key for every 
keysigning party, which was used to sign the keys of the participants to prove they were present.  
The key would then be  expired immediately afterwards to prevent re-use.


> For example, I could sign Richard's key without looking at his driver's
> license, since I know who he is, and have for some time.  Same for
> Robert Day.  But there are some at the LUG who I don't know by name.
> Do I refuse to sign their keys, if they are there in person and
> would like their key signed?  If a driver's license is good enough for me,
> it's a perfect time to do some signing.
> 
> Without some ID for those people, there is risk I could sign the wrong key,
> as it opens an attack vector.

This is why there is an exchange of printed key hashes and fingerprints.  On my printout I have 
not only my key hash and fingerprint, but also the keyIDs of the people who have already signed my 
key.  This should increase the confidence for anyone else to sign my key.  Remember, you 
validating the association of a keyid and an identity on that key (and one key may have multiple 
identities on it).

> How much ID is enough is a decision left to the signer.  I like the idea
> that was mentioned in the howto I linked to, where it said some people
> post a signing policy on their websites.  This is a good thing to think
> through beforehand.  The possibilities are more than just government IDs.
> 
> I think the strongest ID check is just knowing the person, which is,
> incidentally, the same criteria Canadian passports require: two people
> of standing in the community, who've known you for some time,
> vouching you are who you say you are.
> 
> This doesn't stop people from using a nym, although if Richard wants us
> to sign his nym key, it won't be very anonymous anymore. :-)

The person behind the nym doesn't actually need to be there, he could send an agent to act on his 
behalf.  The agent presents the printed key, then returns to the nym holder to perform the 
necessary signings.  

There is a vulnerability in this: The legitimate agent could have been mugged on the way over to 
the keysigning, and the mugger is now impersonating the agent.  To prevent this you can exchange a 
shared secret with the nym before the signing that the agent must produce.  Of course, the mugger 
could coerce that out of the agent as well. 

"while the encryption technology is mature and very secure, people's security practices leave 
something to be desired (passwords on sticky notes on the montor), and social and political 
threats (breaking knuckles and waving subpoenas) are more likely to thwart security provisions 
than reversing encryption."  --Ian Goldberg, at the September 2001 KWIUG meeting. 



-- -- -- --
Bob Jonkman <bjonkman at sobac.com>         http://sobac.com/sobac/    
SOBAC Microcomputer Services              Voice: +1-519-669-0388       
6 James Street, Elmira ON  Canada  N3B 1L5  Cel: +1-519-635-9413
Networking   --   Office & Business Automation   --   Consulting
PGP:0xAE33E989 Fingrprnt:9FAF A6AC B567 BC10 8973 7CF0 CB27 0317

More information about the KWLUG-Disc mailing list