Web vs Tree, Transport vs File was Re: Short GPG HOWTO

Shae Matijs Erisson shae at ScannedInAvian.com
Tue May 17 15:46:08 EDT 2005


"S. Alexander Jacobson" <alex at alexjacobson.com> writes:

> Look, cryptographically GPG and SSL are very similar.  With either one, if
> you trust long chains of signings, you are at risk that any intervening key
> has been compromised.  So, in practice, you rely on a set of root
> certs/signers you trust to

One difference is that GPG is a web, and SSL is a tree.

If the SSL root certificate is compromised, you have to throw out the entire
certificate tree, for any lower level certificate, you only have to throw out
that branch. Users will then need to manually remove the root or branch
certificate from their browser or other client.

With GPG there's no single point of failure, and there's also a simple command
"gpg --refresh-keys" to download new signatures, keys or revocations.

With gpg --gen-revoke you can generate a revocation certificate to store
separately. In the case where your laptop or desktop containing the secret key
is compromised, you can upload your revocation certificate to the keyservers. 
Then the next time users use --refresh-keys, the revocation is added to their
keyring.

>   * put some effort into verifying the mapping from a key to an identity,

Key signing parties are common in the open source culture.

>   * maintain their private keys sufficiently securely that you can
>     trust it for long periods of time, and

I use a sentence sized string for my gpg key password. gpg asks for the
password for each use, but has an option to cache the password for some minutes
after use when you want to sign many packages or keys.

Password protected SSL certificates either need the admin to type in the
password for each apache-ssl startup, or they need the plaintext password fed
to them from the startup script. I don't like either of those options.

>   * notify you when keys they have signed have been compromised.

--refresh-keys does this.

> The real differentiator between SSL and GPG is that the former is transport
> level while the later is file level.  With SSL, I think you suffer additional
> complexity each time you set up a web server.  With GPG, you suffer
> additional complexity each time you create a new file to share.  I think most
> people create many more files to share than they set up web servers to serve
> them so I prefer the SSL model.

SSL would limit users to internet-only security. 
Embedded systems, new installations, laptops, ISP hardware failure and many
other reasons can lead to cases where disconnected but secured package
installation would be desirable.

In this case, gpg is used to sign zip or tar.gz archives of new versions.
I do wish new versions of Haskell software were released often enough to make
this a usability problem. :-)
-- 
It seems I've been living two lives. One life is a self-employed web developer
In the other life, I'm shapr, functional programmer.  | www.ScannedInAvian.com
One of these lives has futures (and subcontinuations!)|  --Shae Matijs Erisson



More information about the Libraries mailing list