Date: Sun, 17 Feb 2019 20:03:46 +0100
From: Kristian Fiskerstrand
Reply-To: k_f@gentoo.org
To: gentoo-project@lists.gentoo.org, Matthew Thode
Subject: Re: [gentoo-project] [RFC] OpenPGP Authority Keys to provide validity of developer/service keys
Message-ID: <3af68c37-326d-d1a3-c59b-c302e56912e6@gentoo.org>
In-Reply-To: <20190217185416.nbgwm266moyk6j2u@gentoo.org>
References: <1550306421.831.16.camel@gentoo.org> <1550393754.1257.5.camel@gentoo.org> <20190217185416.nbgwm266moyk6j2u@gentoo.org>
List-Id: Gentoo Project discussion list
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156).

On 2/17/19 7:54 PM, Matthew Thode wrote:
> On 19-02-17 09:55:54, Michał Górny wrote:
>> On Sun, 2019-02-17 at 06:56 +0000, Robin H. Johnson wrote:
>>> On Sat, Feb 16, 2019 at 09:40:21AM +0100, Michał Górny wrote:
>>> 2. The uid signatures should NOT be naively exported to keyservers. They
>>> should use the CAFF method of generating a uid signature, writing it to a file,
>>> and sending it as an encrypted message to the uid address. The uid owner is
>>> responsible for decrypt + sending to servers. This ensures that the email
>>> address and key are still tied together.
>> That sounds like an awful requirement of statefulness with a requirement of
>> manual manipulation to me, i.e. a can of worms. Do we really need to
>> assume that Gentoo developers will be adding keys they can't use to
>> LDAP?
>>
> It could also be a bad actor, though that comes with other concerns.
> The CAFF method is the standard way of handling signatures; switching to
> ldap also switches our trust store to be based on ldap, not developer
> keys (anything can be in ldap).

Different threat models: if you assume the malicious actor can edit the
fingerprint in LDAP to begin with, they have access to the email itself,
and we control the email address since only the @gentoo.org UID is signed.

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3