On Tue, Feb 19, 2013 at 10:32:13PM -0800, Alec Warner wrote:
> I agree that a smartcard is much better security vs a longer key. I
> don't think attackers targeting Gentoo are going to brute force the
> key. They are going to steal the key, trivially, by exploiting a 0-day
> in a crappy browser, or flash, or java, or whatever. A smartcard is
> the defense against this attack (because the key material is well
> protected, and they need physical access to actually relocate it.)
> Storing it in the TPM would also be cool, except TPMs are crap on
> Linux, *and* most hardware TPMs are crap anyway.

Exactly. The longer key doesn't block this attack, the smartcard does.
The question being asked becomes: "If the smartcard only supports a
shorter key is that an acceptable tradeoff where a longer key would be
used instead?" I say it's a very acceptable tradeoff, and the
require/recommend of the proposal reflects this.

> > Also, if there is a Well-Funded-Organization attacking Gentoo, there are
> > MUCH more effective ways for them to compromise us. Any perceived gains
> > in that field from requiring DSA2048 and blocking DSA1024 should be
> > examined very closely.
> I would ask the opposite question. What is the perceived difficulty in
> using DSA2048 vs 1024? For the non-smartcard users, the cost is likely
> trivial. Even your perf data shows that signing requests still
> complete in 200ms or less, and that is on old / slow hardware.

This is why I recommended DSA2048, but only required DSA1024. I don't
want something that says "If you use a smartcard, you can use DSA1024,
otherwise you must use DSA2048". That's just too confusing.

> djm works for Google, and I chat with him at least once a quarter.
> I've seen some patches go by that we could re-purpose for gpg-agent
> forwarding. For slow machines we could have them sign on a
> faster-trusted machine with a forwarded agent.

Major +1 on gpg-agent forwarding request; the smartcard crowd would love
it too.

-- 
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail     : robb...@gentoo.org
GnuPG FP   : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85