Date: Fri, 10 Oct 2014 12:01:52 -0400
From: David Leon Gil <coruus@...il.com>
To: Daniel Kahn Gillmor <dkg@...thhorseman.net>, kristian.fiskerstrand@...ptuouscapital.com
Cc: oss-security@...ts.openwall.com, 
	"gnupg-devel@...pg.org" <gnupg-devel@...pg.org>, Werner Koch <wk@...pg.org>, thijs@...ian.org
Subject: Re: 0xdeadbeef comes of age: making keysteak with GnuPG

On Fri, Oct 10, 2014 at 11:47 AM, Daniel Kahn Gillmor
<dkg@...thhorseman.net> wrote:
> If we're going to advocate for accessing keyservers via https (which i
> think is a lovely idea, even if it doesn't mitigate all possible
> attacks), it's worth advocating for the well-curated
> hkps.pool.sks-keyservers.net [0], rather than encouraging everyone to
> flood either https://keybase.io or https://pgp.mit.edu with traffic.

My problem with the HKPS pool is that I don't know Kristian.[1] And I
don't have any reason to believe that he'd suffer serious financial
damage if the private key for the "sks-keyservers.net CA" got used
maliciously.[2]

(While I know that if a root CA were caught intentionally issuing a
MitM cert for keybase.io or pgp.mit.edu, it would likely face
delisting/bankruptcy.)

I'd be really happy if Kristian published a GPG-signed log of every
valid certificate for servers in the HKPS pool; then it would be
possible for the distrustful -- or targeted -- to, say, query multiple
HKPS keyservers. This is even better than trusting Root CAs +
Kristian.[3]

[1] Most hkps.pool.sks-keyservers.net servers don't have an alternative trust
path to a standard root CA.

[2] This is different from saying that I think he *would
intentionally* sign a malicious cert, which I don't. I just have no
idea how secure the private key for that CA is. And I know that a
fully isolated, physically secure facility, and a good HSM are really
expensive. (But maybe he is doing this?)

[3] If this is already available somewhere, apologies; I haven't
managed to find anything like it.
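The cross-check the message proposes (querying several HKPS keyservers and comparing what they return) as an added example; this is not code from the post, from GnuPG or from the SKS pool. It parses the HKP machine-readable index format (`op=index&options=mr`, with `pub:` and `uid:` records) from each server and reports which fingerprints every server agrees on and which only some servers returned. The server names and the index text are constructed sample data so the script runs offline; a real client would fetch each index over HKPS first.

```python
"""Cross-check HKP machine-readable index results from several keyservers.

All server names and responses below are constructed sample data
(no network access); the parsing follows the HKP 'options=mr' layout:
  info:<version>:<count>
  pub:<fingerprint or keyid>:<algo>:<bits>:<created>:<expires>:<flags>
  uid:<url-escaped uid>:<created>:<expires>:<flags>
"""
from collections import defaultdict
from urllib.parse import unquote

# Constructed: two servers agree, a third returns an extra key with the
# same user ID but a different fingerprint (the case a cross-check exists to catch).
_ALICE_UID = "Alice%20Example%20%3Calice%40example.org%3E"
_AGREED_KEY = (
    "pub:0123456789ABCDEF0123456789ABCDEF01234567:1:4096:1412899200::\n"
    f"uid:{_ALICE_UID}:1412899200::\n"
)
_EXTRA_KEY = (
    "pub:FEDCBA9876543210FEDCBA9876543210FEDCBA98:1:2048:1412985600::\n"
    f"uid:{_ALICE_UID}:1412985600::\n"
)
SAMPLE_RESPONSES = {
    "hkps://server-a.example": "info:1:1\n" + _AGREED_KEY,
    "hkps://server-b.example": "info:1:1\n" + _AGREED_KEY,
    "hkps://server-c.example": "info:1:2\n" + _AGREED_KEY + _EXTRA_KEY,
}


def parse_hkp_index(text):
    """Return {fingerprint: [uid, ...]} parsed from one HKP mr index.

    UID strings are URL-escaped in this format, so splitting on ':' is safe
    before unquoting.  'info:' and unknown record types are ignored.
    """
    keys = {}
    current = None
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] == "pub" and len(fields) >= 2:
            current = fields[1].upper()
            keys.setdefault(current, [])
        elif fields[0] == "uid" and len(fields) >= 2 and current is not None:
            keys[current].append(unquote(fields[1]))
    return keys


def cross_check(responses):
    """Compare indexes from several servers.

    Returns (agreed, disputed):
      agreed   - sorted fingerprints that every server returned
      disputed - {fingerprint: [servers that returned it]} for the rest
    """
    seen = defaultdict(list)
    for server, text in responses.items():
        for fpr in parse_hkp_index(text):
            seen[fpr].append(server)
    total = len(responses)
    agreed = sorted(f for f, servers in seen.items() if len(servers) == total)
    disputed = {f: sorted(s) for f, s in seen.items() if len(s) != total}
    return agreed, disputed


def report(responses):
    """Human-readable summary; disputed keys are what a client should refuse to trust silently."""
    agreed, disputed = cross_check(responses)
    lines = [f"{len(responses)} servers queried"]
    for fpr in agreed:
        lines.append(f"AGREED   {fpr}")
    for fpr, servers in disputed.items():
        lines.append(f"DISPUTED {fpr} only from {', '.join(servers)}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_RESPONSES))
```

A disagreement does not by itself say which server is wrong; it only tells the client that the answer is not confirmed by the whole set and should be verified out of band, which is the point of consulting more than one server.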
