lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 3 Oct 2011 13:19:27 +0200 (CEST)
From:	Jiri Kosina <jkosina@...e.cz>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: kernel.org status: establishing a PGP web of trust

On Fri, 30 Sep 2011, H. Peter Anvin wrote:

> Since the kernel.org status announcement last week a number of you
> have contacted me about re-establishing credentials.  In order to
> establish a proper PGP web of trust we need keys that are cross-signed
> by other developers.  As such, we ask that you follow the following
> steps:
> 
> 1. Make sure your systems are uncompromised.  We will address specific
>    recommended steps for that in a separate email.
> 
> 2. Create a new PGP/GPG key, and also generate a key revocation
>    certificate (but don't import it anywhere -- save it for the
>    future) for your new key.  In the near future we are considering
>    setting up an escrow service for key revocation certificates.
> 
>    I recommend using a 4096-bit RSA key.  Given how fast computers are
>    these days, there is no reason to use a shorter key.  DSA keys
>    should be considered obsolete; substantial weaknesses have been
>    found in DSA.
> 
>    $ gpg --gen-key
>    $ gpg -u <key ID> -o <key ID>.revoke --gen-revoke
> 
> 3. If you are reasonably certain that your old key has never been
>    jeopardized, sign the new key with the old key.

I have a question here. In case people are 'reasonably certain' that the 
old key has never been jeoparadized, why are they required to create a new 
key?

(if the old key would have been compromised, the attacker could as well 
generate a new key and sign it with the old key himself, so I fail to see 
any benefit of this PGP excercise).

It doesn't make too much sense to force people to live with two different 
personalities in this "PGP web of trust" world just for the sake of 
kernel.org, does it?

Thanks,

-- 
Jiri Kosina
SUSE Labs

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ