Mirrors
/
open-keychain
mirror of https://github.com/open-keychain/open-keychain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated OpenPGP Security (markdown)

Dominik Schürmann 2015-03-15 15:41:42 +01:00
parent f5e7a7b0ba
commit 465cef641c
1 changed files with 14 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
OpenPGP-Security.md

@ -57,24 +57,9 @@ TODO: Yes we must do this. Important TODO
#### Support for Image Attribute Subpacket?
No, in about 99% of all use cases there are better photos to be found in Android's contact database.
### Thesis
* OpenPGP is over-engineered
* Web of Trust has failed
* nobody understands tsigs
* nobody understands different trust levels
### Solution
* Identities **are** certified or **not**
* Alternately, trust is probabilistic. Keys have associated metadata which a potential user may examine to help in deciding whether to use them. Web-of-trust and Keybase-style "proof" data could be included here, and it seems likely that other flavors of such metadata are likely to arrive.
* Hide Web-of-Trust
# Fingerprints and key IDs
* Don't prefix "0x", average users do not understand this
* handle key IDs like telephone numers
* no monospace for key IDs (do you use monospace on telephone numbers? no)
* Key IDs lower case to better differentiate numbers and letters
* Don't show key ids? (https://www.debian-administration.org/users/dkg/weblog/105)
## Fingerprints and key IDs
* In most places key IDs are useless!
* https://www.debian-administration.org/users/dkg/weblog/105
# Key creation
@ -86,6 +71,17 @@ See https://www.debian-administration.org/users/dkg/weblog/97
* ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf)
* "Does my password go up to eleven?: the impact of password meters on password selection"
### Web of Trust
* OpenPGP is over-engineered
* Web of Trust has failed
* nobody understands tsigs
* nobody understands different trust levels
### Solution
* Identities **are** certified or **not**
* Alternately, trust is probabilistic. Keys have associated metadata which a potential user may examine to help in deciding whether to use them. Web-of-trust and Keybase-style "proof" data could be included here, and it seems likely that other flavors of such metadata are likely to arrive.
* Hide Web-of-Trust
### Relevant links
* https://gist.github.com/coruus/68a8c65571e2b4225a69