Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Fwd: Relevance of PGP?



> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of John Abreau
> 
> If an average user wants to delegate his PGP keysigning to his lawyer,
> he can configure his PGP settings to trust all keys that the lawyer
trusts,
> and then the lawyer can take care of attending keysignings, contacting
> other keyholders (or those keyholders' lawyers) to verify their keys, etc.
> 
> The SSL certificate hierarchy doesn't work this way, from what I've seen,
> and transforming it to work this way would be a huge effort with a lot of
> political resistance. ?I believe it would be a lot easier to implement
this
> as an extension of the PGP web-of-trust model.

I like this idea, but does it exist anywhere?  Meaning...  Suppose I get
something signed by you, and your signature says you delegate trust to your
lawyer, Abraham Lincoln.  How am I supposed to get Abraham Lincoln to verify
your signature, if I don't know him and I haven't already received his
certificate myself personally via trusted channel?  For that matter, if
somebody was forging your signature, they would simply say they trust Lionel
Hutz instead of Abraham Lincoln.  How do I, as the recipient of such a
message, know who I should trust, to verify the authenticity and integrity
of your supposed signature?

In DNS, we have a hierarchy of delegated authority, but they all stem from a
pool of worldwide shared well known and trusted sources.  We could probably
use something like this for key signing and certificate verification etc.
But how would that be different from S/MIME?

Fundamental to the widespread or even remotely-near-universal adoption of
either technology ... s/mime, pgp, or anything similar ... is that it needs
to work universally, even for verifying the authenticity of people you
haven't previously communicated with.  It needs to be automatic
(effortless).

Acknowledged:  Anything automatic will not be good enough for everyone.  If
you're securing communications of the whereabouts of Bin Laden, or the
identity of the second gunman in the grassy knoll...  Then you will only
trust something that you personally as an expert in the field have inspected
deeply and eliminated the possibility of *any* 3rd party intervention.  

But people don't put a lock on their home front door expecting to keep the
CIA out.  They do it to keep common criminals out.

People nowadays with no encryption and no signing, are running around with
the door unlocked, even open, swinging in the breeze.  

People using something like s/mime, which delegates trust to a commonly
trusted 3rd party, are using a normal house lock on their front door.  It's
good enough to keep out common criminals, but the authorities can break it
if they want to.  

People who use PGP are using a deadbolt on the front door in addition to the
regular lock.  It's a bit of a hassle, but it provides more security, and
the authorities can still break it if they want to.  It just keeps out even
more of the common criminals.




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org