diff --git a/OpenPGP-Security.md b/OpenPGP-Security.md index 449b363..5dfaf2e 100644 --- a/OpenPGP-Security.md +++ b/OpenPGP-Security.md @@ -57,6 +57,36 @@ TODO: Yes we must do this. Important TODO #### Support for Image Attribute Subpacket? No, in about 99% of all use cases there are better photos to be found in Android's contact database. +### Thesis +* OpenPGP is over-engineered +* Web of Trust has failed +* nobody understands tsigs +* nobody understands different trust levels + +### Solution +* Identities **are** certified or **not** +* Alternately, trust is probabilistic. Keys have associated metadata which a potential user may examine to help in deciding whether to use them. Web-of-trust and Keybase-style "proof" data could be included here, and it seems likely that other flavors of such metadata are likely to arrive. +* Hide Web-of-Trust + + +# Fingerprints and key IDs +* Don't prefix "0x", average users do not understand this +* handle key IDs like telephone numers +* no monospace for key IDs (do you use monospace on telephone numbers? no) +* Key IDs lower case to better differentiate numbers and letters +* Don't show key ids? (https://www.debian-administration.org/users/dkg/weblog/105) + +# Key creation + +## User ID comments +Considered harmful, so only in advanced key edit. +See https://www.debian-administration.org/users/dkg/weblog/97 + +## Password meters + * ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf) + * "Does my password go up to eleven?: the impact of password meters on password selection" + + ### Relevant links * https://gist.github.com/coruus/68a8c65571e2b4225a69 * https://help.riseup.net/en/security/message-security/openpgp/best-practices