[linux-elitists] GPG luser rant
Fri Apr 13 11:50:11 PDT 2001
begin Karsten M. Self quotation:
> Better yet, if folks actually *do* get GPG installed on their systems,
> when there comes a need to send private mail, the option to go encrypted
> exists. We're shooting for a baseline state in which a presumption of
> the presence of cryptographic infrastructure is valid, and the ability
> to originate, receive, and validate such communications exists.
Yes, I certainly see the point.
I wish it were not the case, but there are not yet very workable
real-world systems for distributing, managing, and revoking keys --
PKI/certificate authority or web-of-trust models are both problematic
in those areas if you aim for both day-to-day practicality and
meaningful authentication. Much as I would like to hope that these
are early implementation issues that will be ironed out, the worst of
them appear essential to the authentication models concerned.
(I know I'm being repetitive about this, but the best analysis I know of
is Bruce Schneier's in _Secrets and Lies_. I wish he had the crypto
chapter on-line, since I keep wanting to quote from it, and never have
The real-world authentication that tends to work best is... context.
Which, as it turns out, is the main issue professional document examiners
scrutinise to detect forgeries (or, in the alternative, certify
documents as believed to be genuine). A credible document is one that
not only passes surface examination but also has a believable context.
Your e-mails are believed to be from you to the extent they not only
purport to come from you but also sound like you, sound like something
you'd say, and aren't credibly repudiated. A fallible system, to be
sure, but it works well enough most of the time -- and people have
fallbacks in the case of controversy.
Which point you're, of course, fully aware of, and have addressed:
> There's far less context carried in ASCII than the modulations of a
> human voice, and far less opportunity for realtime challenge-response,
> even of an informal (and possibly undetectable) manner as would be
> possible in a phone conversation.
A decade ago, at the time of the Pentium FPU scandal, a Lincoln Spector
humour piece entitled "2001.268: A Pentium Odyssey" (usually under some
variant name) started popping up all over the Net, BBSes, corporate
e-mail systems, etc. -- always with the author credit stripped. It's
still being uncontrollably plagiarised in that fashion, such as here:
http://jevans.webpipe.net/humor/halpenti.txt . I'd never seen the
original piece in print, but Spector's style was unmistakable, so I
always wrote back to senders, saying that, even if they weren't willing
to honour the author's copyright, they should at _least_ be civilised
enough to credit his _name_.
And, as it happened, after the first couple of months of this, Spector
wrote one of his rare non-humour pieces, talking about how, although he
was flattered to have produced such a hit, as a professional writer he
was outraged at being blithely ripped off by people who not only
misappropriated his work but also acted to strip him of credit for it.
So, I wrote to Spector, told him of my own small efforts to correct the
situation, but said he might take some comfort that the piece had
_immediately_, without question, stood out as being his, and that his
writings were signed between the lines in a way that no amount of
bootlegging could impair.
And he was, indeed, cheered by this perspective. As am I -- even if none
of the rest of us have styles that quite scream their identities the
way Spector's invariably does -- or the way "François-Marie Arouet"
completely failed to fool anyone when he published _Candide_.
Now, as far as public key handling is concerned: Distribution and
revocation are going to remain problems: PKI/CAs and web-of-trust
aren't magic pixie dust for that. But I can think of something that
might help the key-management problem.
Imagine an electronic appliance the size of a keyfob (or credit card)
that you carry on your person. It holds your private keys, and is just
smart/flexible enough to sign some set amount of text and spit it back.
It's not smart/flexible enough to be probed or compromised
electronically. What's the point? The point is that, ideally, you'd
never have your private keys on-line except during usage, and you would
do that only in highly secure circumstances including single-user mode.
But nobody does this; it's not practical.
Obstacles include RFI monitoring (but maybe not much of one, given a
lack of CRTs working directly on the protected device).
Cheers, Right to keep and bear
Rick Moen Haiku shall not be abridged
firstname.lastname@example.org Or denied. So there.