Re: Installing GnuPG 2.1.4 in Debian Experimental

[Daniel Kahn Gillmor]

On Sun 2015-06-07 19:04:33 -0400, Rex Kneisley wrote:
> root@debian-rig:/home/rexk# apt-get install -t
> experimental gnupg2 gnupg-agent dirmngr gpgsm
> gpgv2 scdaemon
> Reading package lists... Done
> Building dependency tree   
> Reading state information... Done
> Some packages could not be installed. This may
> mean that you have
> requested an impossible situation or if you are
> using the unstable
> distribution that some required packages have
> not yet been created
> or been moved out of Incoming.
> The following information may help to resolve
> the situation:
> 
> The following packages have unmet dependencies:
>  dirmngr : Depends: libassuan0 (>= 2.2.0) but
> 2.1.2-2 is to be installed
>  gnupg-agent : Depends: libassuan0 (>= 2.2.0)
> but 2.1.2-2 is to be installed
>  scdaemon : Depends: libassuan0 (>= 2.2.0) but
> 2.1.2-2 is to be installed
> E: Unable to correct problems, you have held
> broken packages.

So this is a dependency issue: jessie is debian stable, but gnupg2 is
built against unstable, which has changed since jessie was released.

In particular, gpg-agent, dirmngr, and scdaemon all use
assuan_sock_set_sockaddr_un() if available, which was only introduced in
assuan 2.2.0, which is only available since assuan 2.1.4; jessie only
has 2.1.2.

This can be addressed for jessie in one of two ways:

 0) we can create a backport for more a modern version of libassuan,
which should allow installation of the experimental package directly

 1) we can create a backport for gnupg 2.1.x direclty, using jessie's
version of libassuan.

approach (1) won't work right now because jessie-backports only allows
packages that are already in testing, and 2.1.x is only in experimental.

I'm cc'ing the pkg-gnupg-maint team in debian to see whether Eric
Dorland (the team member who has been most responsible for assuan in
debian) thinks there are any problems with approach (0).  If not, maybe
he'd be up for maintaining a jessie-backports version of the more recent
libassuan, which should let all debian jessie users install gnupg2 2.1.x
from experimental.

 --dkg

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: State-of-the-art way to setup a shared security@ email with hardware-backed keys?

[Daniel Kahn Gillmor]

Hi Simon--

Thanks for the interesting use case.

On Tue 2015-06-09 09:21:08 -0400, Simon Josefsson wrote:
> My current idea is to generate a secur...@example.com master PGP key and
> keep that offline, and to generate one decryption sub-key, and load that
> onto a couple of OpenPGP Card smartcards.
>
> This would allow authorized people to decrypt emails properly, by using
> the "security team smartcard".  To respond to the emails, they would
> need to use their own smartcard which is a nauisance but workable.

I like this approach for encryption to the team; i think it's definitely
better than the server that does decryption/reencryption.

Another (much weirder) remailer approach that doesn't expose the content
to the remailer itself uses El Gamal keys that have a known relationship
to each other.  The remailer can transform the PKESK in such a way that
it is readable to each peer, without being able to recover the
cleartext.

This is the approach used in PSELS:

   http://www.ncsa.illinois.edu/People/hkhurana/ICICS.pdf

This still has the awkward key distribution step when new members join
the team -- you have to generate their encryption-capable secret key and
get it to them.

But for revocation for user X in this case, you'd just tell the server
to stop PKESK translation for the corresponding offset for user X -- no
certificate update is necessary, and no redistribution to every
remaining team member.


---

I note that you're asking here only about the encryption-capable
subkeys, and not signing subkeys -- it's quite possible that your
correspondents would like to be cryptographically confident that the
reply messages come from the team, and not from an imposter.

Interestingly, the case for signing-capable subkeys is not symmetric
with the case for encryption-capable subkeys.  It should be possible for
each of your members to contribute a distinct signing-capable subkey,
and you'd attach all of them to the primary key.

There are two approaches to this:

 a) you could have each person generate their own signing capable
subkey, create the binding cross-sig with it to the primary key, and
send the public part + the cross-sig to the team keyring maintainer,
who would bind it as a subkey and publish the updated cert.

 b) during generation of the per-person encryption-capable subkey, you
could go ahead and generate a separate signing-capable subkey for
that user and pre-install it on the smartcard.

the advantages of this individualized signing-subkey scheme (using
either approach above) over a single-shared-signing-subkey are:

 0) you can do individualized revocation without reissuing new
signing-capable subkeys for everyone else.

 1) you don't have to keep the signing-capable subkey on hand at the
keyring management site in order to enroll new team members.

 2) when a message coming from the team is signed, you can identify
which team member made the signature.


hth,

--dkg

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users