Updated OpenPGP Security (markdown)

Dominik Schürmann 2015-03-16 15:37:08 +01:00
parent c2f1e2539e
commit 9c1d8093fb
1 changed files with 22 additions and 3 deletions

@ -82,13 +82,32 @@ In OpenKeychain several methods for key exchange exists:
If two keys exist in OpenKeychain's database with the same main user id, the creation date is displayed alongside the keys to differentiate them.
Answer based on [dkg's blog post: "OpenPGP Key IDs are not useful "](https://www.debian-administration.org/users/dkg/weblog/105) (CC-BY 4.0)
Answer based on [dkg's blog post: "OpenPGP Key IDs are not useful"](https://www.debian-administration.org/users/dkg/weblog/105) (CC-BY 4.0)
# Key creation
## User ID comments
Considered harmful, so only in advanced key edit.
See https://www.debian-administration.org/users/dkg/weblog/97
Most OpenPGP User IDs look like this:
```
Jane Q. Public <jane@example.org>
```
This is clean, clear, and unambiguous.
However, some tools (gpg, enigmail among others) ask the user to provide a "Comment:" field when they are choosing a new User ID (e.g. when making a new key). These UI prompts are evil. The savvy user knows to avoid entering anything in this field, so that they can end up with a User ID like the one above. The user who provides something here (perhaps even something inconsequential like "I like strawberries", due to not being sure what should go in this little box) will instead end up with a User ID like:
```
Jane Q. Public (I like strawberries) <jane@example.org>
```
This is bad. This means that Jane is asking the people who certify her key+userid to certify whether she actually likes strawberries (how could they know? what if she changes her mind? should they revoke their certifications?) and anywhere that she is referred to by name will include this mention of strawberries. This is not Jane's identity, and it doesn't belong in an OpenPGP User ID packet.
Furthermore, since User IDs are atomic, if Jane wants to change the comment field (but leave her name and e-mail address the same), she will instead need to create a new User ID, publish it, get everyone who has certified her old key+userid to certify the key+newuserid, and then revoke the old one.
It is difficult already to help people understand and participate in the certification network that forms that backbone of OpenPGP's so-called "web of trust". These bogus comment fields make an already-difficult task harder. And all because of strawberries!
Tools like enigmail and gpg should not expose the "Comment:" field to users who are generating keys or choosing new User IDs. If they feel it absolutely must be present for some weird corner case that 0.1% of their users will have, they could require that the user enters some sort of "expert mode" before prompting the user to do something that is likely to be a mistake.
Bad examples can be found in dkg's blog post.
Answer based on [dkg's blog post: "OpenPGP User ID Comments considered harmful"](https://www.debian-administration.org/users/dkg/weblog/97) (CC-BY 4.0)
## Password meters
* ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf)