GPG Keysigning at FUDCon - INSTRUCTIONS

Todd Zullinger tmz at pobox.com
Tue Jan 8 03:30:53 UTC 2008 

Matt Domsch wrote:
> After the keysigning, you can use a tool like caff from the
> pgp-tools package to sign each person's key and mail it to them.

I'd like to put in a plug for not using caff (read: I'm a pedant ;).

There are three things you want to verify when you certify (sign) a
key:

    1) The identity of the person asking me to certify their key.
    2) The key's fingerprint, id, size, and type
    3) The email address(es) associated with the key

1 can be accomplished via a drivers license or other form of ID.

2 is achieved by checking that the key info presented at the signing
  matches what is available on the public keyservers

3 is the trickier one.  When you sign a key, you are signing the
primary key + the user id(s).  Most newer PGP keys consist of a
primary key and one or more encryption subkeys.

Using caff as I understand it, you would sign each uid on a key and
then encrypt it to the address on the uid.  This encryption is
intended to verify that the key actually belongs to the recipient and
that they can receive email add the address on the key.

This is not entirely adequate for a few reasons.  Firstly, it doesn't
really verify that the uid you are signing belongs to the person at
the address (see below).  Secondly, it fails completely for anyone
that doesn't have an encryption subkey.  (Some people have a master
key that they use for signing and for acquiring signatures on and
another key that they use for day to day use and receiving encrypted
mail.  Not common perhaps, but a perfectly valid usage of gpg, and no
reason to deny someone a signature on their key.)

What you really want to do is ask the key owner to sign some text or
data of your choosing and send it to you.  That ensures that the thing
you are signing (the primary key + uid) is under the control of the
key owner and that they can receive mail at the address in the uid.

I prodded the folks on gnupg-users about this a year or so ago.  You
can read the full thread starting at[1] and David Shaw's assertion
that "sending an signed key via encrypted mail does not ensure
anything about the key owner." at[2].

Ingo Kloecker was kind enough to post a short perl script in that
thread that he used to send out challenge mail after a keysigning.  I
modified it a bit and used it after the last keysigning at my local
LUG (all the bugs are surely mine).

In the off chance that anyone is interested, I've posted that script
at[3].  It requires the perl modules Text::Autoformat and
Text::Template (among other standard modules).

[1] http://marc.info/?l=gnupg-users&m=115221259531231&w=2
[2] http://marc.info/?l=gnupg-users&m=115230714808866&w=2
[3] http://tmz.fedorapeople.org/scripts/gpg-send-challenges

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Eat drink and be merry, for tomorrow they may make it illegal.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20080107/61a7bb9a/attachment.sig>

More information about the fedora-devel-list mailing list