From owner-freebsd-security@FreeBSD.ORG Wed Nov 30 13:43:50 2005 Return-Path: X-Original-To: freebsd-security@FreeBSD.org Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 880AC16A41F for ; Wed, 30 Nov 2005 13:43:50 +0000 (GMT) (envelope-from netchild@FreeBSD.org) Received: from www.ebusiness-leidinger.de (jojo.ms-net.de [84.16.236.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id B343943D58 for ; Wed, 30 Nov 2005 13:43:49 +0000 (GMT) (envelope-from netchild@FreeBSD.org) Received: from Andro-Beta.Leidinger.net (p54A5E727.dip.t-dialin.net [84.165.231.39]) (authenticated bits=0) by www.ebusiness-leidinger.de (8.13.1/8.13.1) with ESMTP id jAUDHBBf011867; Wed, 30 Nov 2005 14:17:12 +0100 (CET) (envelope-from netchild@FreeBSD.org) Received: from localhost (localhost [127.0.0.1]) by Andro-Beta.Leidinger.net (8.13.3/8.13.3) with ESMTP id jAUDhhAW061783; Wed, 30 Nov 2005 14:43:43 +0100 (CET) (envelope-from netchild@FreeBSD.org) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde MIME library) with HTTP; Wed, 30 Nov 2005 14:43:43 +0100 Message-ID: <20051130144343.od5die60gsw4k0k0@netchild.homeip.net> X-Priority: 3 (Normal) Date: Wed, 30 Nov 2005 14:43:43 +0100 From: Alexander Leidinger To: Kurt Seifried References: <20051126224530.GD27757@cirb503493.alcatel.com.au><4389D072.2030502@iang.org> <20051127182116.GA30426@cirb503493.alcatel.com.au> <000e01c5f410$2de67820$1300110a@pooptop> In-Reply-To: <000e01c5f410$2de67820$1300110a@pooptop> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.0.3) / FreeBSD-4.11 X-Virus-Scanned: by amavisd-new X-Mailman-Approved-At: Wed, 30 Nov 2005 13:44:33 +0000 Cc: freebsd-security@FreeBSD.org Subject: Re: Reflections on Trusting Trust X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Nov 2005 13:43:50 -0000 Kurt Seifried wrote: > should have people upload their keys. On another note I am available > to sign PGP keys (proving your key/identity is an excercise left to > the reader =), or to the signer... the keys are available in the handbook (either from www.freebsd.org or in raw from http://cvsweb.freebsd.org/doc) and sending them to the @FreeBSD.org address should put them in to the hands of their owners (and if not, it doesn't matter, they just don't get your signature on their key). And AFAIK this is all PGP is supposed to verify, that the person behind "user@example.tld" is the same as the person with access to the secret key for this address. Please correct me if I'm wrong and PGP also is supposed to e.g. verify that the name is the same as on the passport or whatever way of personal identification is available where the owner of the key to sign lives). But this assumes the signer trusts the FreeBSD.org security: Access to the FreeBSD.org machines is only granted with a known ssh v2 key. Such a key is put in place by an admin, who got the key in a secure manner (either via a PGP signed mail or uploaded to such a machine via scp by an already trusted person). Without ssh access there's no way to insert a key into the CVS repository. My Alexander@Leidinger.net key is also available from https://keyserver.pgp.com (I just noticed that my @FreeBSD.org key is not available there... I should correct this). I verified (by inspecting the fingerprint) that the key which is available from there is my own one before acknowledging their verification procedure (see https://keyserver.pgp.com/vkd/VKDVerificationPGPCom.html for the drawbacks of their approach). Bye, Alexander. -- http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 The human mind treats a new idea the way the body treats a strange protein: it rejects it. -- P. Medawar