[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 29 Apr, 2013, at 10:20 am, Neil Williams wrote:
On Mon, 29 Apr 2013 09:47:20 +0100 Philip Hudson <phil.hudson@xxxxxxxxx> wrote:I wish this stuff was less complicated, but ATM it seems like public key cryptography + web of trust *is* the simplest possible solution. Unfortunately that limits it to the cross section of the upper quartile of the IQ range, people with access to learning about it,people with the time to learn it, people with the inclination to learnit, people who (see that they) have a need for it, and people with usable tools. To a first approximation, the population of that set is zero. Damn damn damn.It's not zero, it is slightly higher.Probably the single largest contributor to and user of the GnuPG Web ofTrust is Debian as it is the basis of the authentication of uploaded packages and attribution to individuals. My GnuPG signature on a package upload will allow installation of that upload onto hundreds of mirrors all across the world and then get installed (sometimes automatically) by uncountable machines, as root. The signature process needs to work. The Web of Trust has the concept of a "strong set" which is keys which are signed by each other in ever increasing loops. The majority of the current strong set are or have been Debian Developers or GnuPG maintainers. Keys must be signed by keys of current Debian Developers to be included into the keyring for uploads, so perpetuating the strong set. Part of the authentication layer is 'caff' - the fire-and-forget GnuPG key signature helper. There are many ways of doing the person-to-key authentication involving face-to-face contact and various methods of identification. Once that stage is done, the signer verifies the fingerprint of the signee's key and signs it. The signature data is exported and then *encrypted* to the signee and emailed by caff. So here is probably the largest routine use of encrypted emails: To carry the signature data from the signer to the signee in such a way that only the signer and the signee can decrypt the signature. Once decrypted, the data is imported and uploaded by the signee. If it cannot be decrypted, no signature is published. The system isn't perfect, it relies on a variety of stages which all need to be trusted separately, but within the subset of people where this is important, it does work.
(I don't usually quote a whole message, so you can trust that I intend to when I do. Hint, hint.)
True, true, true, and necessarily true, but... WRT "the system isn't perfect" and "first approximation: zero": How long have you and I been members of this LUG? How many others in the LUG have GPG keys? How many have signed mine? Zero. How many have I signed? Zero. When and where am I *ever* going to find anyone more likely to do key-signing than in a LUG? Never and nowhere.
OK, light a candle rather than curse the darkness. Be it hereby resolved that at all future LUG meetings, the middle order of business, allowing for latecomers and early leavers, shall be key- signing. All in favour?
-- Phil Hudson http://hudson-it.no-ip.biz @UWascalWabbit PGP/GnuPG ID: 0x887DCA63 -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq