On Thu 2021-06-10 05:40:34 +0000, Peter Gutmann wrote:
Daniel Kahn Gillmor writes:
Key ID or fingerprint comparison has been recommended in the past by the
OpenPGP community as a reasonable way that one communications peer can
confirm that they have the "right key".
Ah, good point, so it's a human-factors thing rather than just (say) mapping
a signature to the key that signed it, where even if you can create a
collision to point to a different key the signature check will still fail.
which i'll call the "comparison-verification" practice:
Is it worth mentioning this in the text? The current text just says "this
thing is the fingerprint" with an implicit use elsewhere in the doc of
"the thing used to identify which key is being used", without mentioning its
second, non-protocol use, to verify someone's key.
I would welcome a proposal for brief text that describes this use for
the revision of RFC 4880, though i think a full description of
fingerprint-based verification (and other alternatives for key
confirmation) is probably beyond the scope for the crypto refresh
document. It gets complicated, and the best practices are still pretty
unclear.
(Is this still done? When was the last time someone here attended a key
signing party?).
Yes, it is "still" done, though i'm not sure it's ever been done to the
extent that the OpenPGP community has traditionally imagined it would
be. "key signing party" is not the only context, either. i've got
dozens of business cards or small slips of paper which contain OpenPGP
fingerprints (either as text or as QR codes) that people have given me
at free software conferences, and i've given them out myself.
do people *actually* verify them effectively? that's another story…
--dkg
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp