published key security levels
Hauke Laging
mailinglisten at hauke-laging.de
Wed May 12 17:31:40 CEST 2010
Hello,
do you think it would be useful to integrate some information about the "usage
security" of a key into the key?
Keys are used differently. The one I use to sign this email is my key for
nearly everything. It is (or rather: was) stored on several PCs which are
rather comfortable than high security systems (KDE). Offline security is high
but few applications only are denied access to ~/.gnupg (by AppArmor). It is
not probable but far from impossible that this key is compromised. That is OK
for me because I believe that it is most important to have reasonable security
available everywhere. Somebody wrote here today: "RSA is better than nothing".
That's the point.
Of course, it is not a problem to generate several keys for different levels
of security. I would not want this key to be accepted for important contracts.
For different level keys to be useful the users of public keys have to be
enabled to recognise this level (with cryptographic security).
My idea is to define some levels which can be added e.g. as signature
notations to the key:
0: unknown
1: for testig purposes; private key available to several people
2: low security: key is used on non-trustworthy systems (e.g. for using
webmail services from public systems)
3: medium security; key is used on trustworthy systems only
4: hardware security; key is used on smartcards only (including offline
backups)
5: paranoid: the key is on a smartcard; signatures and certifications are made
on systems which are "guaranteed" to be non-compromised (booting from DVD, not
network connection) only.
The main problem IMHO is: This information needs to be covered by
certifications to be really useful. If it is not, this could happen: A low
security key becomes available to an attacker. The attacker is capable of
changing the notation. A communication partner gets the changed key with valid
signatures and regards it as a high security key.
Is there any possibility to get such additional key parts signed without
changing the key format (or putting that into the comment field)?
An interesting question is: What am I supposed to do if somebody wants me to
sign his key at level 4 or 5 if I know that this key is or has been used in
other ways, too? ;-)
The currently discussed problem of selecting the the right subkey(s) would
grow to selecting the right (primary) key, of course. This could be solved by
defining global and per addressee levels. If a certain message needs higher or
allows lower security then the appropriate key would have to be selected
manually.
How would this affect the usage of gpg? I tried to make an organization
support the usage of gpg by educating its members and offering certification.
One of the arguments against this was: "People cannot read their emails on
their mobile devices any more then."
This is not only a technical problem. It should be up to the sender to decide
which level of privacy he demands for his message. So the sender could decide
that it is OK for him that the recipient will not be able to read the message
everywhere but only in a reasonably secure environment (thus often later). If
a message is to not be readable in certain circumstances then it is not an
agument that it isn't. It's not a bug, it's a feature.
On the other hand the sender could decide that he does not want to send a
postcard security level message but that webmail access is OK for him. He
would use a level 2 key (too) then.
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100512/d50dc691/attachment.pgp>
More information about the Gnupg-users
mailing list