* [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides
@ 2013-05-14 18:41 Peter Todd
2013-05-14 19:16 ` Melvin Carvalho
0 siblings, 1 reply; 5+ messages in thread
From: Peter Todd @ 2013-05-14 18:41 UTC (permalink / raw)
To: bitcoin-development
[-- Attachment #1: Type: text/plain, Size: 2096 bytes --]
report: https://bitcointalk.org/index.php?topic=205349.0
Every talk will be widely witnessed and videotaped so we can get some
reasonably good security by simply putting out PGP fingerprints in our
slides. Yeah, some fancy attacker could change the videos after the
fact, but the talks themselves will have wide audiences and a lot of
opportunities for fraud to be discovered. That means it'd also be
reasonable for people to sign those keys too if you are present and are
convinced you aren't looking at some impostor. (of course, presenters,
check that your PGP fingerprints are correct...)
Remember that PGP depends on the web-of-trust. No single measure in a
web-of-trust is needs to be absolutely perfect; it's the sum of the
verifications that matter. I don't think it matters much if you have,
say, seen Jeff Garzik's drivers license as much as it matters that you
have seen him in a public place with dozens of witnesses that would
recognize him and call out any attempt at fraud.
Secondly remember that many of us are working on software where an
attacker can steal from huge numbers of users at once if they manage to
sneak some wallet stealing code in. We need better code signing
practices, but they don't help without some way of being sure the keys
signing the code are valid. SSL and certificate authorities have
advantages, and so does the PGP WoT, so use both.
FWIW I take this stuff pretty seriously myself. I generated my key
securely in the first place, I use a hardware smartcard to store my PGP
key, and I keep the master signing key - the key with the ability to
sign other keys - separate from my day-to-day signing subkeys. I also
PGP sign emails regularly, which means anyone can get a decent idea of
if they have the right key by looking at bitcoin-development mailing
list archives and checking the signatures. A truly dedicated attacker
could probably sign something without my knowledge, but I've certainly
raised the bar.
--
'peter'[:-1]@petertodd.org
000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides
2013-05-14 18:41 [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides Peter Todd
@ 2013-05-14 19:16 ` Melvin Carvalho
2013-05-14 19:31 ` Peter Todd
2013-05-14 19:39 ` Harald Schilly
0 siblings, 2 replies; 5+ messages in thread
From: Melvin Carvalho @ 2013-05-14 19:16 UTC (permalink / raw)
To: Peter Todd; +Cc: Bitcoin Dev
[-- Attachment #1: Type: text/plain, Size: 2916 bytes --]
On 14 May 2013 20:41, Peter Todd <pete@petertodd•org> wrote:
> report: https://bitcointalk.org/index.php?topic=205349.0
>
> Every talk will be widely witnessed and videotaped so we can get some
> reasonably good security by simply putting out PGP fingerprints in our
> slides. Yeah, some fancy attacker could change the videos after the
> fact, but the talks themselves will have wide audiences and a lot of
> opportunities for fraud to be discovered. That means it'd also be
> reasonable for people to sign those keys too if you are present and are
> convinced you aren't looking at some impostor. (of course, presenters,
> check that your PGP fingerprints are correct...)
>
>
> Remember that PGP depends on the web-of-trust. No single measure in a
> web-of-trust is needs to be absolutely perfect; it's the sum of the
> verifications that matter. I don't think it matters much if you have,
> say, seen Jeff Garzik's drivers license as much as it matters that you
> have seen him in a public place with dozens of witnesses that would
> recognize him and call out any attempt at fraud.
>
> Secondly remember that many of us are working on software where an
> attacker can steal from huge numbers of users at once if they manage to
> sneak some wallet stealing code in. We need better code signing
> practices, but they don't help without some way of being sure the keys
> signing the code are valid. SSL and certificate authorities have
> advantages, and so does the PGP WoT, so use both.
>
>
> FWIW I take this stuff pretty seriously myself. I generated my key
> securely in the first place, I use a hardware smartcard to store my PGP
> key, and I keep the master signing key - the key with the ability to
> sign other keys - separate from my day-to-day signing subkeys. I also
> PGP sign emails regularly, which means anyone can get a decent idea of
> if they have the right key by looking at bitcoin-development mailing
> list archives and checking the signatures. A truly dedicated attacker
> could probably sign something without my knowledge, but I've certainly
> raised the bar.
>
Just out of curiosity, could PGP keyservers suffer from a similar 51%
attack as the bitcoin network?
>
> --
> 'peter'[:-1]@petertodd.org
> 000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518
>
>
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
[-- Attachment #2: Type: text/html, Size: 3977 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides
2013-05-14 19:16 ` Melvin Carvalho
@ 2013-05-14 19:31 ` Peter Todd
2013-05-14 19:39 ` Harald Schilly
1 sibling, 0 replies; 5+ messages in thread
From: Peter Todd @ 2013-05-14 19:31 UTC (permalink / raw)
To: Melvin Carvalho; +Cc: Bitcoin Dev
[-- Attachment #1: Type: text/plain, Size: 984 bytes --]
On Tue, May 14, 2013 at 09:16:28PM +0200, Melvin Carvalho wrote:
> > FWIW I take this stuff pretty seriously myself. I generated my key
> > securely in the first place, I use a hardware smartcard to store my PGP
> > key, and I keep the master signing key - the key with the ability to
> > sign other keys - separate from my day-to-day signing subkeys. I also
> > PGP sign emails regularly, which means anyone can get a decent idea of
> > if they have the right key by looking at bitcoin-development mailing
> > list archives and checking the signatures. A truly dedicated attacker
> > could probably sign something without my knowledge, but I've certainly
> > raised the bar.
> >
>
> Just out of curiosity, could PGP keyservers suffer from a similar 51%
> attack as the bitcoin network?
What guarantees do you think a keyserver provides about the keys it
returns?
--
'peter'[:-1]@petertodd.org
0000000000000142ad32a203b1627bee8126fa4bcd940b0da3f32bf1b5b07a24
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides
2013-05-14 19:16 ` Melvin Carvalho
2013-05-14 19:31 ` Peter Todd
@ 2013-05-14 19:39 ` Harald Schilly
2013-05-14 20:12 ` Adam Back
1 sibling, 1 reply; 5+ messages in thread
From: Harald Schilly @ 2013-05-14 19:39 UTC (permalink / raw)
Cc: Bitcoin Dev
On Tue, May 14, 2013 at 9:16 PM, Melvin Carvalho
<melvincarvalho@gmail•com> wrote:
> Just out of curiosity, could PGP keyservers suffer from a similar 51% attack
> as the bitcoin network?
Well, no, and yes. It doesn't work like that.
If you have your own domain, you can store your key there as a TXT entry.
$ dig +short harald._pka.schil.ly. TXT
and even use it automatically:
$ gpg … --auto-key-locate pka -r email@address•domain
H
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides
2013-05-14 19:39 ` Harald Schilly
@ 2013-05-14 20:12 ` Adam Back
0 siblings, 0 replies; 5+ messages in thread
From: Adam Back @ 2013-05-14 20:12 UTC (permalink / raw)
To: Harald Schilly; +Cc: Bitcoin Dev
On Tue, May 14, 2013 at 09:39:46PM +0200, Harald Schilly wrote:
>If you have your own domain, you can store your key there as a TXT entry.
>
>$ dig +short harald._pka.schil.ly. TXT
>
>and even use it automatically:
>$ gpg … --auto-key-locate pka -r email@address•domain
Nice. But we all kow about the security of DNS ;)
Adam
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2013-05-14 20:12 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-05-14 18:41 [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides Peter Todd
2013-05-14 19:16 ` Melvin Carvalho
2013-05-14 19:31 ` Peter Todd
2013-05-14 19:39 ` Harald Schilly
2013-05-14 20:12 ` Adam Back
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox