Encryption Security Privacy

New Global Directory of OpenPGP Keys

Gemini writes "The PGP company just announced a new type of keyserver for all your OpenPGP keys. This server verifies (via mailback verification, like mailing lists) that the email address on the key actually reaches someone. Dead keys age off the server, and you can even remove keys if you forget the passphrase. In a classy move, they've included support for those parts of the OpenPGP standard that PGP doesn't use, but GnuPG does."


  • by c0dedude ( 587568 ) on Thursday December 09, 2004 @11:53AM (#11042501)
    With the minor computational cost of crypto and the availability of public keys, will all network traffic move toward cryptography?
  • FPCP (Score:5, Interesting)

    by nahdude812 ( 88157 ) on Thursday December 09, 2004 @11:55AM (#11042514) Homepage
    FPCP (First Privacy Complaint Post):

    Won't a database of verified emails be, y'know, abusable? What about spammers who want to harvest from this? If they can't directly harvest, they could certainly validate email addresses they know about, and know they were getting people on email addresses that they care about.
  • by Albanach ( 527650 ) on Thursday December 09, 2004 @11:56AM (#11042523) Homepage
    Like lots of people, I've used PGP for years, but it has never taken off like it should have. I wonder if it really has a future.

    Companies can secure their internal email by deploying SSL on their mailservers and enforcing its use. For email outside the company surely S/MIME has captured the market. It's built into most email software, and companies are offering free certificates.

    With PGP seeming more complex and requiring a separate install, what role does it have for today's SMEs?

  • Re:FPCP (Score:3, Interesting)

    by I confirm I'm not a ( 720413 ) on Thursday December 09, 2004 @12:02PM (#11042576) Journal

    Won't a database of verified emails be, y'know, abusable?

    I've wondered about this in the past, but - and naturally I don't have a link to hand ;) - apparently key-lists haven't - to date - been abused by spammers. My guess would be that spammers see users of PGP/GPG as (a) technically advanced, and hence more likely to have spam-filters/spam-retaliation protocols in place, and (b) likely to only use published emails for encryption. Either that or PGP/GPG whooshed past spammers' heads with no comprehension occurring: "Can I make money off this JeepyGee thingee? No? Forget it, then."

  • Encrypted Spam? (Score:4, Interesting)

    by 4of12 ( 97621 ) on Thursday December 09, 2004 @12:06PM (#11042613) Homepage Journal

    So if I'm willing to post my public key and verify every 6 months that I'm the same live email responder at the other end, then what assurance do I have that encrypted email sent to me isn't spam?

    Since the MTAs can't read my mail for spamminess if it is encrypted, the spam filter responsibility will be for my local email client with a set of my cached private key so it can decrypt and trash those herbal Viagra offers.

  • by StrawberryFrog ( 67065 ) on Thursday December 09, 2004 @12:07PM (#11042625) Homepage Journal
    PGP's been around for years, and hasn't taken over. Laziness is a powerful force - self-preservation has to work hard to overcome it.
  • by jdludlow ( 316515 ) on Thursday December 09, 2004 @12:07PM (#11042630)
    ...what are the chances that it's going to hold up to millions of email clients all trying to access keys at once?

  • Re:Backdoors? (Score:2, Interesting)

    by essreenim ( 647659 ) on Thursday December 09, 2004 @12:08PM (#11042638)
    I think more the latter:

    ..one of the few ways of having as close to true privacy as we can realistically get

    And please don't call it "homeland security". It's more "civil rights management" or "civil restrictions management" depending on your opinion. One thing for sure is that something which is such a popular catch phrase for counter-terrorism has no real association with the comfort of a "home" - the place you come from. In fact I find that it is those people who are most cynical and paranoid (homeless like, in other words) that are throwing that slogan around like a contraceptive. At least that's how I feel in my "home" land - Ireland.

    Sorry if you think I'm trying to flame you, I am not. I'm trying to encourage you not to use that word - which has a false interpretation, much like the infamous DRM acronym...

  • Centralization (Score:3, Interesting)

    by hey ( 83763 ) on Thursday December 09, 2004 @12:10PM (#11042652) Journal
    The nice thing about PGP/GPG is that it is decentralized! You don't need to obtain a "certificate" from any big-bad central authority.
    But now this move centralizes things - yuck.
    If you want to send PGP mail to/from a friend,
    just mail public keys to each other.
  • by spellicer ( 146331 ) on Thursday December 09, 2004 @12:13PM (#11042678) Homepage
    S/MIME and PGP certainly address many similar issues such as email encryption and sender authenticity (which SSL does not necessarily do, by the way), but they approach some of the problems in different ways. The key difference I see between the two (and why PGP still has a role in this area) is how trust of signing keys is built.

    S/MIME and x.509 certificates use a central authority to enforce certificate holder identity. PGP and its variants use a "web of trust" system which allows ad hoc trust networks to build up by acquaintances signing each other's keys. As an analogy, x.509 is client/server while PGP is peer-to-peer. PGP's approach serves a role for those who do not have a central authority (i.e. certificate authority) in common, do not trust CAs, find the cost of a certificate from a reliable CA too high, or other factors usually centering around CAs.

    The above is a general idea and there are many variations on it that make the area more fuzzy. For example, S/MIME could potentially be implemented using PGP keys instead of x.509 or PGP could be implemented to require a particular signature (i.e. a CA) in order to use a key.
  • by jdludlow ( 316515 ) on Thursday December 09, 2004 @12:20PM (#11042768)

    Is there any way to actually prove that a message is encrypted, as opposed to being just random garbage data that two people happened to mail to each other?

    I realize that the chances of a judge buying this is going to be small, but is there a defense there? Wouldn't someone have to be able to produce the plaintext first, before they could claim that you were trying to send encrypted messages?

  • Re:FPCP (Score:2, Interesting)

    by farnz ( 625056 ) on Thursday December 09, 2004 @12:25PM (#11042822) Homepage Journal
    After getting hit by a spammer using my work address as his From address, then getting deluged (a few thousand) by C-R challenges, I started just replying to challenges whether or not I sent you an e-mail.

    By and large, whenever I send e-mail out of the company, I'm authorised to spend money. If you blacklist me for replying to your challenges, and later I can't get hold of you to offer you money, that's not my problem, it's yours.

  • by I confirm I'm not a ( 720413 ) on Thursday December 09, 2004 @12:27PM (#11042834) Journal

    I realize that the chances of a judge buying this [suspected encrypted data is "really" random garbage] is going to be small

    Not if you can prove that you frequently send out random, garbage, data. It'll have the nice side-effect of making traffic analysis harder, too.

    ...but you didn't hear that from me, right?!

  • Re:FPCP (Score:3, Interesting)

    by YetAnotherDave ( 159442 ) on Thursday December 09, 2004 @12:57PM (#11043170)
    whatever.

    Since I upgraded my mailserver to SpamAssassin 3.x I don't even bother with dummy mail accounts anymore. Spam just doesn't bother me anymore :)

  • by B'Trey ( 111263 ) on Thursday December 09, 2004 @01:09PM (#11043297)
    Defeats the purpose, as the whole point is to say that you're NOT sending encrypted information.

    Random garbage wouldn't compress well anyway, for the same reason that encrypted data doesn't compress well - a lack of repeated sequences. It would be trivial to write a program that produces pseudo- or near-random garbage that will not compress.

    However, it isn't at all certain that this would be beneficial to GP's purpose. There are ways to measure the amount of entropy in a string, and I'm not at all certain that it would be similar in an encrypted message and a random string. (I'm not an expert in this field, so I'm talking at the periphery of my knowledge.)
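The question raised in the two comments above (can ciphertext be told apart from random garbage, and does either compress?) can be checked directly. The following Go program is an added example, not code from the thread or from PGP Corporation: it measures the byte-frequency Shannon entropy and the deflate compression ratio of a constructed English sample, of that sample encrypted with AES-CTR, and of the same number of bytes from the OS CSPRNG. The key and IV are constructed constants so the run is reproducible; a real system would never reuse an IV.

```go
package main

import (
	"bytes"
	"compress/flate"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"math"
	"strings"
)

// shannonEntropy returns the empirical entropy of the byte distribution
// in b, in bits per byte: 0 for empty input, 8 for a perfectly uniform one.
func shannonEntropy(b []byte) float64 {
	if len(b) == 0 {
		return 0
	}
	var counts [256]int
	for _, c := range b {
		counts[c]++
	}
	n := float64(len(b))
	h := 0.0
	for _, c := range counts {
		if c == 0 {
			continue
		}
		p := float64(c) / n
		h -= p * math.Log2(p)
	}
	return h
}

// compressRatio returns len(deflate(b)) / len(b). Well below 1 means
// deflate found repeated structure; at or above 1 means it found none.
func compressRatio(b []byte) float64 {
	var buf bytes.Buffer
	w, err := flate.NewWriter(&buf, flate.BestCompression)
	if err != nil {
		panic(err)
	}
	w.Write(b)
	w.Close()
	return float64(buf.Len()) / float64(len(b))
}

// encryptCTR applies AES-CTR under key and iv. CTR is its own inverse,
// so the same call decrypts. The iv is fixed only to keep this example
// deterministic; never reuse an iv with the same key in real code.
func encryptCTR(key, iv, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(out, plaintext)
	return out
}

// randomBytes returns n bytes from the operating system's CSPRNG.
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// samplePlaintext is constructed English-like text (a sentence repeated
// 64 times, 4160 bytes) so that per-byte statistics are stable.
func samplePlaintext() []byte {
	s := "The quick brown fox jumps over the lazy dog near the river bank. "
	return []byte(strings.Repeat(s, 64))
}

func main() {
	pt := samplePlaintext()
	key := []byte("0123456789abcdef0123456789abcdef") // constructed 256-bit key
	iv := []byte("fixed-iv-16bytes")                   // constructed, example only
	ct := encryptCTR(key, iv, pt)
	rnd := randomBytes(len(pt))
	for _, s := range []struct {
		name string
		data []byte
	}{{"plaintext", pt}, {"ciphertext", ct}, {"random", rnd}} {
		fmt.Printf("%-10s entropy=%.3f bits/byte  deflate ratio=%.3f\n",
			s.name, shannonEntropy(s.data), compressRatio(s.data))
	}
}
```

The plaintext scores roughly 4 bits per byte and shrinks to a few percent of its size; the ciphertext and the CSPRNG output both score just under 8 bits per byte and come out of deflate slightly larger than they went in. Byte-frequency entropy and compressibility therefore cannot separate well-made ciphertext from random bytes, which is the point at issue in the thread; what they do separate is either of those from ordinary text.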
  • by molo ( 94384 ) on Thursday December 09, 2004 @02:09PM (#11043998) Journal
    Dropping keys from the keyring presents problems with the trust path. For example, A signs B's key. B signs C's key. A now has a trust path to C. If B is dropped from the keyring, no new users can authenticate that trust path. With the current scheme, if N signs A's key, N would now have a trust path to C. With the new scheme, the link to B and C is broken because he can't retrieve B's key.

    Having an email address expire is not a reason to no longer trust a key.

    -molo
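The trust-path argument in the comment above can be made concrete with a small model. The following Go program is an added example, not code from the thread or from any OpenPGP implementation: a keyring is a map from key ID to the set of IDs that have certified it, a trust path is a directed chain of certifications found by breadth-first search over the keys still present, and dropping a key removes it from the ring while leaving its signatures on the keys that carry them, as the directory described in the story would. The key names A, B, C and N are the ones used in the comment.

```go
package main

import "fmt"

// Keyring is a toy model of a key directory: for each key ID it holds the
// set of key IDs whose certification signatures appear on that key.
type Keyring map[string]map[string]bool

// Sign records that signer certified the key `signed`. Both keys are
// created in the ring if absent, as uploading a freshly signed key would.
func (k Keyring) Sign(signer, signed string) {
	if k[signer] == nil {
		k[signer] = map[string]bool{}
	}
	if k[signed] == nil {
		k[signed] = map[string]bool{}
	}
	k[signed][signer] = true
}

// Drop removes a key from the ring, as the directory does when a key's
// address stops answering. The signatures that key made stay attached to
// the keys that carry them, but the key needed to verify them is gone.
func (k Keyring) Drop(id string) {
	delete(k, id)
}

// TrustPath returns the shortest chain of key IDs from `from` to `to`
// following certification signatures, using only keys present in the
// ring, or nil if no such chain exists. Paths are directed: A signing B
// lets A reach B, not the reverse.
func (k Keyring) TrustPath(from, to string) []string {
	if k[from] == nil || k[to] == nil {
		return nil
	}
	prev := map[string]string{from: ""}
	queue := []string{from}
	for len(queue) > 0 {
		cur := queue[0]
		queue = queue[1:]
		if cur == to {
			var path []string
			for id := to; id != ""; id = prev[id] {
				path = append([]string{id}, path...)
			}
			return path
		}
		// cur reaches every key that carries cur's signature; a dropped
		// key is no longer in the ring and so can neither be reached nor
		// vouch for anything beyond it.
		for id, sigs := range k {
			if sigs[cur] {
				if _, seen := prev[id]; !seen {
					prev[id] = cur
					queue = append(queue, id)
				}
			}
		}
	}
	return nil
}

func main() {
	ring := Keyring{}
	ring.Sign("A", "B") // A certifies B
	ring.Sign("B", "C") // B certifies C
	ring.Sign("N", "A") // newcomer N certifies A
	fmt.Println("N -> C before drop:", ring.TrustPath("N", "C"))
	ring.Drop("B")
	fmt.Println("N -> C after dropping B:", ring.TrustPath("N", "C"))
}
```

Before the drop, N reaches C through A and B; after B ages off, the signature B made on C is still attached to C, but nothing in the ring can verify it, so the path from N ends at A. The same model also shows why a key uploaded later cannot repair the gap unless B's key itself is re-uploaded.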
  • by Ramses0 ( 63476 ) on Thursday December 09, 2004 @02:28PM (#11044259)
    PGP will come, but will meet strong resistance from "important people" along the way. It's really not that hard, get AOL, Yahoo! Mail, and GMail to automatically create public/private keys, publish, store, archive, sign, etc. all your email when using their web interface.

    *YOU* don't ever need to know that the email has been encrypted, or that you even have a public/private key. You could even do something ridiculously small, like a 24 bit key or something to keep "gub'ment" happy.

    The next step is adding a button in "mail options" to upload YOUR OWN PUBLIC KEY. Yahoo! (eg) receives it, sends you a challenge, and says: "decrypt this message, type in the 8-letter token that's in there, and we'll accept and advertise your new public key as yours, and expire the old auto-generated one". If you wanted to trust Yahoo with your private key, that's your own business. But even neglecting the use of personal public keys and sticking with auto-generated ones, by hitting the majors you'd have 20-30% market saturation of encrypted emails, and the infrastructure to support future uses of public/private key stuff.

    Eventually one of the majors will realize that "all identity problems go away" when there is a broadly available public/private key infrastructure.

    Imagine typing your email address into Slashdot, Slashdot fetches your public key [in background], issues your browser a challenge, browser decrypts challenge with private key and responds. Voilà. Passwordless logins everywhere. Who out there is listening? 80% of the infrastructure is in place already. (moz-plugin: gpg-challenge-response)?

    --Robert
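The comment above sketches the same exchange twice: a provider proving that a user holds the private key for an uploaded public key, and a site logging a user in by having the browser decrypt a challenge. The following Go program is an added example, not code from the thread or from any provider named in it, of how a server and client side of that exchange fit together using RSA-OAEP from the standard library. It adds the checks a practitioner would want on top of the sketch: the random token is single-use, it expires, the comparison is constant-time, and the claimed identity is bound into the ciphertext as the OAEP label so a challenge issued for one address cannot be relayed to the holder of another. The Server, Issue, Verify and Respond names, the address alice@example.com and the two-minute lifetime are all constructed for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// challenge is what the server remembers between sending an encrypted
// token and receiving the decrypted copy back.
type challenge struct {
	identity string
	token    []byte
	expires  time.Time
}

// Server holds pending challenges. The clock is injectable so expiry can
// be tested; ttl bounds how long a challenge stays answerable.
type Server struct {
	pending map[string]challenge
	now     func() time.Time
	ttl     time.Duration
}

func NewServer(now func() time.Time, ttl time.Duration) *Server {
	return &Server{pending: map[string]challenge{}, now: now, ttl: ttl}
}

// ErrBadResponse is returned for every failure so a caller cannot learn
// which check (unknown id, expiry, wrong token) rejected the response.
var ErrBadResponse = errors.New("challenge failed")

// Issue creates a one-time challenge for identity: a random token
// encrypted to the public key the server fetched for that identity. The
// identity is the OAEP label, so decryption only succeeds for a client
// that is answering a challenge for that same identity.
func (s *Server) Issue(identity string, pub *rsa.PublicKey) (id string, ciphertext []byte, err error) {
	token := make([]byte, 16)
	if _, err = rand.Read(token); err != nil {
		return "", nil, err
	}
	ciphertext, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, token, []byte(identity))
	if err != nil {
		return "", nil, err
	}
	raw := make([]byte, 16)
	if _, err = rand.Read(raw); err != nil {
		return "", nil, err
	}
	id = hex.EncodeToString(raw)
	s.pending[id] = challenge{identity: identity, token: token, expires: s.now().Add(s.ttl)}
	return id, ciphertext, nil
}

// Verify checks a decrypted token against the pending challenge. The
// challenge is consumed on the first attempt, successful or not, and the
// token comparison is constant-time. On success the proven identity is
// returned.
func (s *Server) Verify(id string, response []byte) (string, error) {
	c, ok := s.pending[id]
	if !ok {
		return "", ErrBadResponse
	}
	delete(s.pending, id) // single use
	if s.now().After(c.expires) {
		return "", ErrBadResponse
	}
	if subtle.ConstantTimeCompare(c.token, response) != 1 {
		return "", ErrBadResponse
	}
	return c.identity, nil
}

// Respond is the client side: decrypt the challenge with the private key
// under the label for the identity the client believes it is proving.
func Respond(priv *rsa.PrivateKey, identity string, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, []byte(identity))
}

// GenerateKey makes a fresh RSA key of the given size for the example.
func GenerateKey(bits int) *rsa.PrivateKey {
	priv, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		panic(err)
	}
	return priv
}

func main() {
	priv := GenerateKey(2048)
	srv := NewServer(time.Now, 2*time.Minute)
	id, ct, err := srv.Issue("alice@example.com", &priv.PublicKey)
	if err != nil {
		panic(err)
	}
	resp, err := Respond(priv, "alice@example.com", ct)
	if err != nil {
		panic(err)
	}
	who, err := srv.Verify(id, resp)
	fmt.Println("first answer:", who, err)
	_, err = srv.Verify(id, resp)
	fmt.Println("replayed answer:", err)
}
```

Decrypting a server-chosen token is the form the comment describes; the more common modern shape is for the client to sign a server nonce, which proves possession without handing the client an oracle that decrypts arbitrary ciphertext. Either way, the controls above (one token per attempt, bounded lifetime, constant-time check, identity bound into the challenge) are what separate a demo from something a site could actually log people in with.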
