[Discuss] Fwd: Relevance of PGP?

[jabr at blu.org (John Abreau)]

Yet another one...


---------- Forwarded message ----------
From: John Abreau <jabr at blu.org>
Date: Sun, Jun 12, 2011 at 4:50 PM
Subject: Re: [Discuss] Relevance of PGP?
To: Anthony Gabrielson <agabrielson1 at comcast.net>


If you don't like the web-of-trust model at all, then instead of extending it,
you can replace it entirely. Either way, I'm just saying that a distributed
model where you choose who to trust, or choose who to delegate decisions
about trust, is better than a model where everyone in the world is effectively
compelled to trust the One True Authority.

If someone steals a copy of your house key, you need to change the lock.
You hire a locksmith to do this.

If someone compromises your lawyer who you trust to manage your
PGP keys, you need to change your lawyer and your keys' trustdb.
You should be able to hire a PGP "locksmith" to audit and clean up
your keyrings.

If someone compromises Verisign's top-level root certificates, you need
to change your top-level SSL authority. How many independent top-level
certificate authorities are there? My understanding is that all of them are
heavily depended on Verisign, and none of them can truly be considered
independent. If my understanding is correct, then there is no other
authority that can replace Verisign.



On Sun, Jun 12, 2011 at 4:31 PM, Anthony Gabrielson
<agabrielson1 at comcast.net> wrote:
> Perhaps, but then I may need to have an attorney to send my mortgage paperwork to a broker - that could get really expensive. ?What happens if my attorney is compromised? ?This sounds a lot like a Certificate Authority and PGP is not good at handling key changes if/when compromised.
>
> Who teaches the mechanic working 60 hours a week to properly configure an email client?
>
> I agree that SSL is shattered.
>
> I also agree that PGP is the answer, I'm just not fond of their web-of-trust model. ?I think most of what you do by hand can be done automatically. ?I also think whatever solution evolves needs to be bigger than encrypted data encoded in a MIME format.
>
> On Jun 12, 2011, at 4:20 PM, John Abreau wrote:
>
>> Sometimes people assign power of attorney to their lawyer or accountant.
>> A similar thing could be done to delegate trust to a hired professional,
>> without requiring a single central authority to be in charge of all such
>> trust delegations worldwide.
>>
>> If an average user wants to delegate his PGP keysigning to his lawyer,
>> he can configure his PGP settings to trust all keys that the lawyer trusts,
>> and then the lawyer can take care of attending keysignings, contacting
>> other keyholders (or those keyholders' lawyers) to verify their keys, etc.
>>
>> The SSL certificate hierarchy doesn't work this way, from what I've seen,
>> and transforming it to work this way would be a huge effort with a lot of
>> political resistance. ?I believe it would be a lot easier to implement this
>> as an extension of the PGP web-of-trust model.
>>
>>
>>
>> On Sun, Jun 12, 2011 at 3:50 PM, Anthony Gabrielson
>> <agabrielson1 at comcast.net> wrote:
>>> While I agree that more end-user education is always desirable I think much of that time could be better spent simplifying the interface (keep in mind the average user barely notices a browser lock). ?IMHO most deployed cryptography is much to difficult for the average user to comprehend. ?Lets look at key signing parties - can you really picture non-technical users having a key signing party? ?I don't see parents at the park watching their kids playing and trading PGP keys among themselves. ?I also don't see executives dedicating the first 20 minutes of a meeting to PGP key signing. ?Most of the security achieved through key signing parties can be achieved in other ways, and those methods need to be exposed. ?Truthfully, I don't think users even need to know they are even encrypting traffic. ?They should be allowed to focus on their task at hand and the security should just work if conditions permit and if not an error code provided. ?This isn't the first time an area of computing has been dominated by a difficult technology, much like sockets many years ago cryptography can evolve into an easy to use general-purpose API that will work across a wide spectrum of applications and technology so developers can focus on the interface.
>>>
>>> I'm not just ripping PGP; every form of cryptography that I have looked at is deficient in form or another. ?Cryptography as whole needs to move from a math dominated field to a usability field.
>>>
>>> On Jun 12, 2011, at 3:29 PM, John Abreau wrote:
>>>
>>>> If average users didn't understand the reason their front doors have locks,
>>>> they probably wouldn't bother locking their fromt doors, and risk having
>>>> their homes burglarized.
>>>>
>>>> The problem with encryption is that the average user hasn't been taught
>>>> the risks, so they don't understand why they should bother with encryption.
>>>> It is precisely because they don't understand the risks that leads them
>>>> to perceive the effort as "jumping through hoops".
>>>>
>>>> It certainly doesn't help that Hollywood tends to portray crackers as having
>>>> some sort of supernatural ability to break into computers, when in reality
>>>> their skills are typically the equivalent of looking under the doormat
>>>> for a key,
>>>> knowing that many average homeowners will hide a spare key there.
>>>>
>>>> If the Bad Guys have supernatural powers, then no amount of effort can
>>>> keep them out, whereas if the Bad Guys are just looking under doormats,
>>>> then the effort needed to thwart them isn't so hard.
>>>>
>>>>
>>>> On Sun, Jun 12, 2011 at 3:09 PM, Anthony Gabrielson
>>>> <agabrielson1 at comcast.net> wrote:
>>>>>
>>>>> On Jun 11, 2011, at 2:23 PM, Bill Ricker wrote:
>>>>>> PGP ring of trust allows for non-centralized asynchronous auditable
>>>>>> out-of-band context. If I exchange key prints in a meatspace signing
>>>>>> party with John and he with you another day, I may decide that's
>>>>>> sufficient reason to believe you actually exist and that that's your
>>>>>> key, or not, at my choice.
>>>>>
>>>>> Yup you're absolutely correct. ?However, thats why it will never see widespread use - BLU folks aren't the average user and the average user will never jump through those kinds of hurdles. ?PGP out of the box is a PIA, with some really neat features. ?I've been doing some research, that at least I find interesting, to make it PGP useable; if I can ever get one of the papers published it may even make a neat talk.
>>>>>
>>>>> Anthony
>>>>> _______________________________________________
>>>>> Discuss mailing list
>>>>> Discuss at blu.org
>>>>> http://lists.blu.org/mailman/listinfo/discuss
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> John Abreau / Executive Director, Boston Linux & Unix
>>>> AIM abreauj / JABBER jabr at jabber.blu.org / YAHOO abreauj / SKYPE zusa_it_mgr
>>>> Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
>>>> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
>>>
>>>
>>
>>
>>
>> --
>> John Abreau / Executive Director, Boston Linux & Unix
>> AIM abreauj / JABBER jabr at jabber.blu.org / YAHOO abreauj / SKYPE zusa_it_mgr
>> Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
>> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
>
>



--
John Abreau / Executive Director, Boston Linux & Unix
AIM abreauj / JABBER jabr at jabber.blu.org / YAHOO abreauj / SKYPE zusa_it_mgr
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99



-- 
John Abreau / Executive Director, Boston Linux & Unix
AIM abreauj / JABBER jabr at jabber.blu.org / YAHOO abreauj / SKYPE zusa_it_mgr
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99