Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Global Directory of OpenPGP Keys

michael posted more than 9 years ago | from the how-may-i-direct-your-call dept.

Encryption 234

Gemini writes "The PGP company just announced a new type of keyserver for all your OpenPGP keys. This server verifies (via mailback verification, like mailing lists) that the email address on the key actually reaches someone. Dead keys age off the server, and you can even remove keys if you forget the passphrase. In a classy move, they've included support for those parts of the OpenPGP standard that PGP doesn't use, but GnuPG does."

Sorry! There are no comments related to the filter you selected.

about time (0)

gsiebrecht (628281) | more than 9 years ago | (#11042484)

finally

whitelists? (4, Insightful)

essreenim (647659) | more than 9 years ago | (#11042518)

Sounds like a good way to make a global whitelist!
Allow incomming mail only from such valid e-mail accounts that are using the service. Could be useful for spam. Or will spam endure as it always has done... ;/

Re:whitelists? (2, Insightful)

wwest4 (183559) | more than 9 years ago | (#11042794)

> Or will spam endure as it always has done... ;/

Or only allow incoming mail that's signed. This won't prevent spam, but it will complicate the spammers' lives a bit, at least for a while.

Re:whitelists? (3, Insightful)

Tenebrious1 (530949) | more than 9 years ago | (#11042802)

Sounds like a good way to make a global whitelist!

It won't be any different from individuals creating their own whitelist, since you can't implement whitelists at the ISP level since most people do not use PGP and cannot be forced to use it.

It wouldn't stop spammers at all though, since spammers could still create legitimate keys, send out a billion spam then delete those email accounts and move on. It may slow it down a bit until some smart spammer creats a program to automate the process of creating, registering, and authenticating the key, but I doubt it will take too much time and effort.

Re:about time (1)

SpaceLifeForm (228190) | more than 9 years ago | (#11042643)

Yes, it will be about time. As in how much time is needed to access the keyserver.
/.-ed already. Of course it is beta, perhaps they just wanted a stress test.

Widespread Crypto Revolution? (3, Interesting)

c0dedude (587568) | more than 9 years ago | (#11042501)

With the minor computational cost of crpto and the avalability of public keys, will all network traffic move toward crypography?

Re:Widespread Crypto Revolution? (4, Insightful)

Luigi30 (656867) | more than 9 years ago | (#11042541)

Yes... until some government makes encryption illegal because it evades wiretaps (they're trying, believe me...).

Re:Widespread Crypto Revolution? (3, Interesting)

jdludlow (316515) | more than 9 years ago | (#11042768)

Is there any way to acutally prove that a message is encrypted, as opposed to being just random garbage data that two people happened to mail to each other?

I realize that the chances of a judge buying this is going to be small, but is there a defense there? Wouldn't someone have to be able to produce the plaintext first, before they could claim that you were trying to send encrypted messages?

Re:Widespread Crypto Revolution? (1)

cain (14472) | more than 9 years ago | (#11042813)

Random garbage might be compressable. (But not if it was perfectly random garbage, mind you.) Encrypted data does not compress. Not much of an argument, but there it is.

Re:Widespread Crypto Revolution? (3, Funny)

sunya (101612) | more than 9 years ago | (#11042953)

So take random garbage and encrypt it. best of both worlds :)

Re:Widespread Crypto Revolution? (2, Interesting)

B'Trey (111263) | more than 9 years ago | (#11043297)

Defeats the purpose, as the whole point is to say that you're NOT sending encrypted information.

Random garbage wouldn't compress well anyway, for the same reason that encrypted data doesn't compress well - a lack of repeated senquences. It would be trivial to write a program that produces pseudo- or near-random garbage that will not compress.

However, it isn't at all certain that this would be beneficial to GPs purpose. There are ways to measure the amount of entropy in a string, and I'm not at all certain that it would be similar in an encrypted message and a random string. (I'm not an expert in this field, so I'm talking at the peripherals of my knowledge.)

Re:Widespread Crypto Revolution? (2, Interesting)

I confirm I'm not a (720413) | more than 9 years ago | (#11042834)

I realize that the chances of a judge buying this [suspected encrypted data is "really" random garbage] is going to be small

Not if you can prove that you frequently send out random, garbage, data. It'll have the nice side-effect of making traffic analysis harder, too.

...but you didn't hear that from me, right?!

Re:Widespread Crypto Revolution? (1)

Frank T. Lofaro Jr. (142215) | more than 9 years ago | (#11043177)

Not if you can prove that you frequently send out random, garbage, data.

Well, we know the RIAA and MPAA members should be safe then. ;)

Re:Widespread Crypto Revolution? (1)

m50d (797211) | more than 9 years ago | (#11042855)

pgp messages tend to start with "------BEGIN PGP ENCRYPTED MESSAGE-----" or something similar, or else are encrypted files with the .pgp extension and well known magic numbers at the start. Now ok this is not 100% proof, but it's certainly the balance of probabilities, and might well suffice for beyond reasonable doubt.

Re:Widespread Crypto Revolution? (1)

jdludlow (316515) | more than 9 years ago | (#11042882)

That's just a convenience for the software though. You aren't required to send the "---BEGIN PGP ENCRYPTED MESSAGE---" part if you don't want to. As long as your recipient still knows what to do with the message you can communicate.

Re:Widespread Crypto Revolution? (1)

maxwell demon (590494) | more than 9 years ago | (#11042999)

Well, then they'll make sending random data illegal as well.

However you could take your encrypted data and hide it in non-encrypted data (steganography). After all, they will first have to find out that all your holiday pictures are not really sent for sharing them, but actually in order to hide some encrypted messages inside.

Re:Widespread Crypto Revolution? (2, Funny)

SpaceLifeForm (228190) | more than 9 years ago | (#11043114)

Well, then they'll make sending random data illegal as well.

Then how will anyone post?

Re:Widespread Crypto Revolution? (1)

Lord Kano (13027) | more than 9 years ago | (#11043215)

In places where the attempt is made to appear to be a free society (like USA, Canada, EU) sure you might be able to try that, but if you're in China or someplace like that you'd be risking a bullet in the back of your head.

For a places like that, we'll need steganography so that people can securely transmit data while pretending to do nothing out of the ordinary.

LK

Your PC (1)

nurb432 (527695) | more than 9 years ago | (#11043292)

All they have to do is impound your pc. Then they will find that you have PGP installed... a violation.

The suspicious traffic will be enough to get the warrant...

Once it becomes illegal, we are screwed...

First overcome lazyness. (3, Interesting)

StrawberryFrog (67065) | more than 9 years ago | (#11042625)

PGP's been around for years, and hasn't taken over. Layness is a powerfull force - self-preservation has to work hard to overcome it.

Re:First overcome lazyness. (1)

Doc Ruby (173196) | more than 9 years ago | (#11043377)

As your typo proves, the strongest force in human communication is "it works anyway". Until there's a critical mass of people with whom other people need to use encryption to communicate, we'll be stuck with the problems of postcards and undefined trust.

Re:Widespread Crypto Revolution? (0)

Anonymous Coward | more than 9 years ago | (#11042642)

No. People are lazy.

Re:Widespread Crypto Revolution? (1)

kkovach (267551) | more than 9 years ago | (#11042901)

Not if the damn key server is slashdoted! :-)

- Kevin

Re:Widespread Crypto Revolution? (4, Funny)

Frank T. Lofaro Jr. (142215) | more than 9 years ago | (#11043113)

Ab, V qba'g guvax pelcgbtencul jvyy rire pngpu ba. :)

FPCP (4, Interesting)

nahdude812 (88157) | more than 9 years ago | (#11042514)

FPCP (First Privacy Complaint Post):

Won't a database of verified emails be, y'know, abusable? What about spammers who want to harvest from this? If they can't directly harvest, they could certainly validate email addresses they know about, and know they were getting people on email addresses that they care about.

Re:FPCP (1)

nlinecomputers (602059) | more than 9 years ago | (#11042556)

Like they can't already do that with the old keyservers? Most keys should resolve to a valid email address, No?

Re:FPCP (4, Informative)

Anonymous Coward | more than 9 years ago | (#11042559)

Yup... spammers are already harvesting email addresses from PGP keyservers. I had an address on my key that I never ended up actually using for anything, yet I suddenly started getting spam to it. Ditto for another address that I only used with close friends and family but was also a userid on my key.

The combination of this and (nigerian) spammers that actually respond to my challenge-response authentication is getting me very pissed off about spammers. :)

Re:FPCP (2, Interesting)

farnz (625056) | more than 9 years ago | (#11042822)

After getting hit by a spammer using my work address as his From address, then getting deluged (a few thousand) by C-R challenges, I started just replying to challenges whether or not I sent you an e-mail.

By and large, whenever I send e-mail out of the company, I'm authorised to spend money. If you blacklist me for replying to your challenges, and later I can't get hold of you to offer you money, that's not my problem, it's yours.

Re:FPCP (2, Interesting)

I confirm I'm not a (720413) | more than 9 years ago | (#11042576)

Won't a database of verified emails be, y'know, abusable?

I've wondered about this in the past, but - and naturally I don't have a link to hand ;) - apparently key-lists haven't - to date - been abused by spammers. My guess would be that spammers see users of PGP/GPG as (a) technically advanced, and hence more likely to have spam-filters/spam-retaliation protocols in place, and (b) likely to only use published emails for encryption. Either that or PGP/GPG whooshed passed spammers' heads with no comprehension occuring: "Can I make money off this JeepyGee thingee? No? Forget it, then."

Re:FPCP (1)

Gemini (32631) | more than 9 years ago | (#11042593)

What about spammers who want to harvest from this?

It's not a good harvesting target. You can only get *one* email address per search. If I were a spammer, I'd go somewhere that gives me more for less effort.

Still, even the old keyservers where you can get many addresses per search seem to be ignored by spammers. Even they are not rich enough of a target.

Re:FPCP (5, Informative)

TheUnFounded (731123) | more than 9 years ago | (#11042921)

From the FAQ:

Will I get spam if I use the PGP Global Directory?
No. Searches of the PGP Global Directory are limited to one (1) response, thus making gathering email addresses from the PGP Global Directory one of the least-effective ways of harvesting email addresses for spammers.

Re:FPCP (2, Interesting)

YetAnotherDave (159442) | more than 9 years ago | (#11043170)

whatever.

Since I upgraded my mailserver to SpamAssassin 3.x I don't even bother with dummy mail accounts anymore. Spam just don't bother me anymore :)

A new way to thwart spam filters! (1)

Huh? (105485) | more than 9 years ago | (#11043132)

Imagine if spammers start encrypting their spam with the recipients own PGP key. It would be impossible for content based spam filters to classify the e-mail (pre decryption).

I suspect the lack of PGP adoption, the overhead of getting and maintaining the PGP keys, and the increase in time and system utilization of encrypting the messages would make this unlikely. It's a chilling thought none the less.

Is there a future for PGP? (4, Interesting)

Albanach (527650) | more than 9 years ago | (#11042523)

Like lots of people, I've used PGP for years, but it has never taken off like it should have. I wonder if it really has a future.

Companies can secure their internal email by deploying SSL on their mailservers and enforcing its use. For email outside the company surely S/MIME has captured the market. It's built into most email software, and companies are offering free certificates.

With PGP seeming more complex and requiring a seperate install, what role does it have for today's SMEs?

Re:Is there a future for PGP? (2, Insightful)

Ashe Tyrael (697937) | more than 9 years ago | (#11042554)

There is a problem with this though. Several ISPs, for good and legitimate reasons (spam and virii) don't allow certain types of e-mail attachment. Which means if I sign an e-mail, the fact I've signed it gets filtered by the receiving ISP.

Nothing wrong with the standard itself, just a lack of support and clue by ISPs.

Re:Is there a future for PGP? (5, Interesting)

spellicer (146331) | more than 9 years ago | (#11042678)

S/MIME and PGP certainly address many similar issues such as email encryption and sender authenticity (which SSL does not necessarily do by the way), they approach some of the problems in different ways. The key difference I see between the two (and why PGP still has a role in this area) is how trust of signing keys is built.

S/MIME and x.509 certificates use a central authority to enforce certificate holder identity. PGP and its variants use a "web of trust" system which allows ad hoc trust networks to build up by acquaintences sign each others keys. As an analogy, x.509 is client/server while PGP is peer-to-peer. PGP's approach serves a role for those who do not have a central authority (i.e. certificate authority) in common, do not trust CA's, cost of a certificate from a reliable CA is too high, or other factors usually centering around CA's.

The above is a general idea and there are many variations on it that make the area more fuzzy. For example, S/MIME could potentially be implemented using PGP keys instead of x.509 or PGP could be implemented to require a particular signature (i.e. a CA) in order to use a key.

Re:Is there a future for PGP? (3, Insightful)

jludwig (691215) | more than 9 years ago | (#11042761)

Its missing what I call the "grandmother" factor. I can explain it to most technical people I encounter (but can't convince any to use it), but its way too complex an implementation for most average users to handle - my mother or grandmother. Its not that they can't understand it, but the computer is already overwhelming and they need something that "just works(tm)". The Web of trust concept "just makes my head want to explode(tm)"

Unfortunately I can't see a good way to make things more transparent and invisible to the end user. Most folks don't pick good passwords, yet that is absolutely essential for PGP private key security. Also, a yearly drive reformat is not uncommon, so lost keys are a huge issue. This technology partially address that issue but I shouldn't need to check to see if someone updated there key every message, plus theres the trust issue with a constantly rotating keyset.

Jeff

Re:Is there a future for PGP? (1)

AxelTorvalds (544851) | more than 9 years ago | (#11043295)

Know what I did for my grandfolks? We got them an imac a while back. We upgraded it and got OS X on it. It's not a lightning fast machine but it's a killer email and casual browsing machine. Put Thunderbird and enigmail on it and then made them a pgp key sans passphrase (yeah, yeah yeah, I know)

They sign all messages by default and then via enigmail we set up some rules and they always encrypt to me and the parts of the family that have been converted. They didn't even know they were doing it at first.

It's not perfect security, there are some issues but it's a start. If you wanted spam to go away, I've said this hundreds of times, start signing your email.

Re:Is there a future for PGP? (1)

elgaard (81259) | more than 9 years ago | (#11042930)

I think PGP has a future.

In the couple years PGP/GnuPG have become much simpler to set up, especially on windows. Thunderbird/Enigmail works great on many platforms. On linux KMail and kgpg also just works.

Re:Is there a future for PGP? (1)

MartinG (52587) | more than 9 years ago | (#11042946)

It comes down to a matter of trust. Personally I don't trust my ISPs mail servers, nor do I trust some of the admins (not that I think they are malicious, just they they make mistakes)

Also, PGP is not just about encryption but about message authentication. S/MIME can't give you that.

Re:Is there a future for PGP? (1)

david.given (6740) | more than 9 years ago | (#11043339)

For email outside the company surely S/MIME has captured the market.

Has it?

I've never seen an S/MIME message, or ever felt the need to make one, or get a key, or anything. In most of the (admittedly geeky) places where it's common to sign message, it's always been GPG. The company I work for uses GPG to communicate with customers, and the customers have never suggested using S/MIME instead. As far as I've seen, GPG (and PGP) rule.

Where is S/MIME actually used?

Backdoors? (1, Insightful)

gmknobl (669948) | more than 9 years ago | (#11042530)

Are there backdoors? And if there are not, what will Homeland Security or the like try to do about it?

Can they do anything about it, realistically?

Have I completely misunderstood this (a common event, unfortunately) or will this be one of the few ways of having as close to true privacy as we can realistically get?

Re:Backdoors? (4, Insightful)

rdieter (112462) | more than 9 years ago | (#11042617)

Doesn't matter. This is a directory for public (ie, the non-private portion of) OpenPGP keys, which are/should-be publically available anyway. Else, why use public/private pgp keys at all?

Re:Backdoors? (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11042704)

The problem is that you need to make sure the public key belongs to the recipient/sender you are communicating with. Anyone who can intercept traffic to/from this server can put himself in the middle of your supposedly private conversation. The web of trust is a way of eliminating/reducing this threat, but that means people have to actually go out and have their keys signed in real life. Encryption with authentication is useless.

Re:Backdoors? (0)

Anonymous Coward | more than 9 years ago | (#11042735)

Dammit. Encryption WITHOUT autentication is useless. I need to start reading the preview.

Re:Backdoors? (1)

wwest4 (183559) | more than 9 years ago | (#11042842)

> Encryption without authentication is useless.

That's not strictly true. What if you don't care who is listening? E.g. Blacknet [privacyexchange.org] .

Re:Backdoors? (1)

phoenix321 (734987) | more than 9 years ago | (#11042974)

People listening to you need a reliable authentication that they are listening to the right "wwest4" in your case, not someone imposturing you.

Speaking tongue-in-cheek, you better make sure everyone is listening to the correct "you" when giving out calls for revolutionary action or otherwise your followers might be guided by the wrong person and end up torching err I mean protesting at some other building or they'll be directed into an amsbush or directly into jail, without collecting $200. ;)

Re:Backdoors? (1)

wwest4 (183559) | more than 9 years ago | (#11043176)

> People listening to you need a reliable authentication that they are
> listening to the right "wwest4" in your case, not someone imposturing you.

They do - the public key itself is the unique identifier, not the pseudonym. If the public key doesn't verify the sig, then the message is signed with a different private key - end of story.

Re:Backdoors? (0)

Anonymous Coward | more than 9 years ago | (#11043327)

Very often the listeners need to know who's talking. They have to use an external verification method to link a certain public key to you. Of course this comment and almost all of Slashdot is an example for a situation where authentication doesn't matter. When the content of the message is all that counts, authentication of the senders or recipients is irrelevant, yet anonymity can still require cryptography. Mixmaster networks however require that you trust the remailers. Strictly speaking this requires that you authenticate your entry point into the remailer network.

Re:Backdoors? (2, Interesting)

essreenim (647659) | more than 9 years ago | (#11042638)

I think more the latter:

..one of the few ways of having as close to true privacy as we can realistically get

And please dont call it "homeland security". It's more "civil rights management" or "civil restrictions management" depending on your opinion. One thing for sure is that something which is such a popular catch phrase for counter-terrorism has no real association with the comfort of a "home" - the place you come from. In fact I find that it is those people who are most cynical and paranoid (homeless like in other words) that are throwing that slogan around like a contraceptive. At least thats how I feel in my "home" land - Ireland.

Sorry if you think Im trying to flame you, I am not. Im trying to encourage you not to use that word - which has false interpretation, muck like the infamous DRM acronym...

Re:Backdoors? (1)

gmknobl (669948) | more than 9 years ago | (#11043000)

Okay, won't use it. Too reminicent of Nazi Germany anyway, re: "Fatherland" (ooh, and there are many other scary parallels too, nowadays). But I digress. To stay on subject, read on.

The idea I was trying to get across was that U.S. government, pre-Bush II, was upset about PGP's system anyway and wanted a "backdoor" way, or the equivalent, to decrypt the messages sent from one party to the next. Of course, now, they'll want that, likely without a warrant - just on their say-so.

I don't like that, of course, not that I use PGP. But the idea burns in my liberal minded brain and makes me angry. I figure, it ain't their business what I'm sending unless they can prove, to a high standard, that something criminal is occurring.

Re:Backdoors? (5, Insightful)

JimDabell (42870) | more than 9 years ago | (#11042725)

Are there backdoors?

It doesn't matter. Keyservers are merely a method of distributing keys, not establishing trust. You can establish trust by a number of methods, such as manually verifying the fingerprint with the person yourself using a trusted medium (e.g. face to face) or having somebody you trust sign the key (after verifying their key, of course).

The real danger to public key cryptography taking off is that it will become commonplace to simply trust keys without verifying them. Everyone will feel more secure, but the security will be an illusion.

Re:Backdoors? (1)

XMyth (266414) | more than 9 years ago | (#11042973)

Yes, you've mis-understood it. This just makes a central repository for OpenPGP keys. No private information will be storedo n the server...it's a directory. It will not store private keys.

PGP's defaults are the real problem. (5, Insightful)

nlinecomputers (602059) | more than 9 years ago | (#11042532)

Every PGP new user has done it. Created a brand new key while learning the program and forgot the passphrase. There are hundreds of unused keys that was created and never used but can never be deleted because they don't expire.

Had PGP's defaults been for a 1 year key instead of infinite this wouldn't be an issue.

I always create 1 year keys but I've got a couple of key out there over 10 years old that I FUBAR'd that'll never go away.

Re:PGP's defaults are the real problem. (1, Informative)

Anonymous Coward | more than 9 years ago | (#11042663)

well... that's why you should really make a revocation certificate when you make your key.

that way, if you lose the secret key or the password for it, you can issue the revocation to let people know the key is no longer in use.

A good writeup of pgp and enigmail setup is available here:
http://enigmail.mozdev.org/gpgconf.html [mozdev.org]

Re:PGP's defaults are the real problem. (1)

nlinecomputers (602059) | more than 9 years ago | (#11042688)

Yes you should but that is part of the problem of the defaults and the bumps and problems of new users to PGP. You tend to figure out the need for a revocation cert AFTER you've let a dead key loose. D'oh!

Re:PGP's defaults are the real problem. (1)

kalidasa (577403) | more than 9 years ago | (#11043282)

Thank you all for making me feel like less of an idiot. I did this very thing when I first started using PGP many years ago.

Re:PGP's defaults are the real problem. (1)

I confirm I'm not a (720413) | more than 9 years ago | (#11042865)

IIRC (I read TFA, what, like, over 15 minutes ago!) this new key-server deprecates keys that haven't been updated in the past year.

Re:PGP's defaults are the real problem. (1)

mightypenguin (593397) | more than 9 years ago | (#11042995)

iF you'd even read the paragraph summary at the top of this story you'd see that it's easy remove keys from this central registry if you have control of the email address associated with them. But I agree that in the past this has been a real problem.

Re:PGP's defaults are the real problem. (1)

nlinecomputers (602059) | more than 9 years ago | (#11043247)

Yes I read it. You missed my point. Had they designed the program better they wouldn't need to design the key servers better. That was my point.

Even with a new keyserver design the client side program still after over 10 years defaults to no time limit keys and doesn't create a revoke certificate automaticly. Which means that fubar'd keys are still going to be generated far to easy. Things like this are why this program never gained popular use.

Free, for now? (-1)

Anonymous Coward | more than 9 years ago | (#11042561)

I bet that once enough people are there, it won't be free at all.

It's often like this:
1. Gather enough mass with "free"
2. Downgrade the service, and
3. Start asking money for "premium service"

Besides, can't we already have some distributed directory which is not controlled by a single entity (especially a corporation from USA)?

Re:Free, for now? (1)

Frank T. Lofaro Jr. (142215) | more than 9 years ago | (#11043324)

So how soon before Google offers an uncrippled version of Google Groups for a fee?

Oh great, spammer heaven (2, Insightful)

phr1 (211689) | more than 9 years ago | (#11042595)

Fantastic, a global database of cryptographically authenticated email addresses that have been tested to reach a real person.

We need a new key format, that doesn't have a live email address but instead has a hash of one. You'd send the address separately so it could be compared against the hash. There'd be salting to stop brute force searches. The database server could then still verify all the addresses (by sending emails out) but the actual email addresses would stay unpublished.

Re:Oh great, spammer heaven (1)

andkaha (79865) | more than 9 years ago | (#11042666)

I don't think that the email addresses has to be valid, or even present. The person signing a key only has to be sure of who the key belongs to.

Costs (1)

razmaspaz (568034) | more than 9 years ago | (#11042598)

I don't know much about PGP, admittedly I don't use it, although I know how to create keys. Wil lthis service be free? I looked at the site and did not see a cost structure. Will we pay for every use of the server? How does this work(Not PGP, but the service)?

Re:Costs (1)

someone0012 (755876) | more than 9 years ago | (#11042683)

http://download.pgp.com/products/pdfs/PGP-Global_D irectory_Whats-New_041206_F.pdf

"The PGP GLobal Directory is a free service designed to make it easier to find and trust the universe of PGP keys."

Load testing (0, Offtopic)

lorcha (464930) | more than 9 years ago | (#11042609)

Who needs to load-test a server when you have slashdot to do it for you?

Re:Load testing (1)

Xandu (99419) | more than 9 years ago | (#11042847)

Who needs to load-test a server when you have slashdot to do it for you?

Looks like they didn't pass the test.

Encrypted Spam? (3, Interesting)

4of12 (97621) | more than 9 years ago | (#11042613)

So if I'm willing to post my public key and verify every 6 months that I'm the same live email responder at the other end, then what assurance do I have that encrypted email sent to me isn't spam?

Since the MTA's can't read my mail for spamminess if it is encrypted, the spam filter responsibility will be for my local email client with a set of my cached private key so it can decrypt and trash those herbal viagara offers.

Re:Encrypted Spam? (4, Insightful)

I confirm I'm not a (720413) | more than 9 years ago | (#11042902)

So if I'm willing to post my public key and verify every 6 months that I'm the same live email responder at the other end, then what assurance do I have that encrypted email sent to me isn't spam?

Another way of looking at it is from the "cost" of spamming - encrypting a spam "costs" the spammer, hence recent suggestions for charging mail-senders in CPU-cycles. Additionally, you'd be able to verify whether you held the spammer's public key on your keyring, and very easily "process" (ie. delete with extreme prejudice) encrypted emails from unknown senders.

Re:Encrypted Spam? (2, Insightful)

Frank T. Lofaro Jr. (142215) | more than 9 years ago | (#11043152)

Spammers won't sent you encrypted mail.

It is way too computationally expensive.

Spam programs are designed to work extremely fast, using very little CPU to send a message.

That is why things like hashcash [hashcash.org] would work, they'd make it economically unfeasible for spammers.

Encryption takes quite a bit of work (just less than unauthorized decryption :)

Re:Encrypted Spam? (2, Insightful)

TheLoneCabbage (323135) | more than 9 years ago | (#11043239)

Asymetricly encrypted emails are rarely actually encrypted. They are signed. which is that I mearly provide an encrypted hash of the email, to prove that whoever sent it, has access to the private key.

The keys themselves can be signed by a master key, by o' say PGP's new website. (this does not require the PGP website to have a copy of the private key)

What this meens is they could give the signing service away for free to individuals, in order to create a defacto standard. But then charge legitimate bulk emailers for the privlege of their service. PGP becomes the arbiter of who is spam and who is not. In exchange they get to charge for permission to send bulk/commercial mail.

Sounds like a good buisness plan.

Of course, I'll have to RTFA once the /.'ing stops.

Hell yeah... (2)

danielrm26 (567852) | more than 9 years ago | (#11042614)

Dead keys age off the server, and you can even remove keys if you forget the passphrase.

Thank Jesus.

Re:Hell yeah... (1)

Michael Dorfman (324722) | more than 9 years ago | (#11043078)

If I forgot the passphrase, how do they know it's really me trying to remove the key from the server, and not some Joe-job?

Re:Hell yeah... (0)

Anonymous Coward | more than 9 years ago | (#11043157)

Revocation certificate. You created one when you created your key, didn't you?

Re:Hell yeah... (1)

Michael Dorfman (324722) | more than 9 years ago | (#11043263)

Revocation certificate. You created one when you created your key, didn't you?

Let's see. According to the hypothetical, I'm the kind of person who forgets his pass-phrase. What do you think are the odds?

The baby Jesus (0)

Anonymous Coward | more than 9 years ago | (#11043220)

"Dead keys age off the server, and you can even remove keys if you forget the passphrase.

Thank Jesus."

Every time you forget your passphrase, you make the baby Jesus cry.

If this site can be Slashdotted... (2, Interesting)

jdludlow (316515) | more than 9 years ago | (#11042630)

...what are the chances that it's going to hold up to millions of email clients all trying to access keys at once?

Re:If this site can be Slashdotted... (0)

Anonymous Coward | more than 9 years ago | (#11042815)

Millions? Apparently you haven't used PGP.

Re:If this site can be Slashdotted... (1)

Just Some Guy (3352) | more than 9 years ago | (#11043309)

Extremely good, especially since:
  1. GnuPG caches keys in its local keyring, so you'll only have to retrieve foo@example.com's key one time.
  2. pgp.com seems to have good connectivity.
  3. They are hardly the only public keyserver currently in operation. Other servers cope with the load just fine, so it's probably that pgp.com's servers will also.

It's in beta. (1)

lorcha (464930) | more than 9 years ago | (#11043378)

B-E-T-A. Obviously the final rollout will be more robust.

out the window (0)

Anonymous Coward | more than 9 years ago | (#11042648)

and yes the new server it out the window! /. effect in effect.

Centralization (2, Interesting)

hey (83763) | more than 9 years ago | (#11042652)

The nice thing about PGP/GPG is that it is decentralized! You don't need to obtain a "certificate" from any big-bad central authority.
But now this move centralizes things - yuck.
If you want to send PGP mail to/from a friend,
just mail public keys to each other.

Re:Centralization (1)

Morosoph (693565) | more than 9 years ago | (#11042744)

In fact, the point is to be "policy free" with regard to hierachy. There are already several keyservers.

The idea of a public key is that anyone can contact you securely, and out of the blue! There is no need for unencrypted traffic. For there to be an exchange of keys requires that you make yourself visible and to some extent, identifiable.

The "public" in "public key cryptography" is so-called because the idea is that keys are published, not merely privately exchanged.

Re:Centralization (mod parent up!!) (0)

Anonymous Coward | more than 9 years ago | (#11042760)

Yeah, I think Phil Zimmerman should be doing something about this. I thought the whole point of PGP was to stop people from invading your privacy.

Re:Centralization ?? (2, Insightful)

jimbro2k (800351) | more than 9 years ago | (#11042778)

Good point, but this just provides a central option . You can still do a private(?) exchange of public keys with your friends & not friends, or do both..

Convenience (0)

Anonymous Coward | more than 9 years ago | (#11043316)

Er...no.

First of all, they are NOT talking about centralizing the ISSUING the keys, or restricting who CAN issue keys. You self-generate keys as before. Your "big bad central authority" concern is not valid.

What they are talking about is centralizing the part of the process that is SUPPOSED to be public--the public keys. This is for CONVENIENCE of the sender/recipient. It's not REQUIRED that you list your key--it just makes the process of finding public keys easier.

You can not list your key and exchange it privatly if you so choose--no one is talking about making software that won't work that way. It's simply giving PGP/GPG users the OPTION to list their public key in a repository, so that they don't HAVE to mail a key to each correspondant.

And this is nothing that's NOT already done today in other various repositories--all this is doing is giving users the convenience of having only one place to look, plus knowing that they've got the right key.

No one's making you play. No one's making a certificate authority. No one's forcing you to register. No one's making your software stop working. They're just trying to make it easier to use PGP/GPG, the same way the phone book makes it easier to call people if you don't have their number.

Please take off the tinfoil hat. Your concerns would be valid IF they were doing what you seem to think they're doing. But they're not.

OpenLDAP keyserver? (1)

nakhla (68363) | more than 9 years ago | (#11042672)

Does anyone know of any OpenLDAP schema files that could be used to create a PGP keyserver using OpenLDAP? It'd be great to have an internal keyserver for our organizational PGP keys without having to use proprietary products.

first Dimebag Darrel was a fag post (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11042762)

what a polesmoker he was

Can a central repository bring security? (4, Insightful)

cesarbremer (701201) | more than 9 years ago | (#11042808)

A central repository of public keys can bring problems, for example, if the central repository is located in USA and the FBI want to do a man-in-the-middle attack? How can you be assured that the public key from the guy you want to send a encrypted message is realy the correct public key? I don't know better solution than having a lot of servers in different countries, under different governments controls and laws, and when the user do a search, he can do the search in a lot of servers. How about having servers in USA, China, France, Germany, China, Finland, North Corea......, and the user can search the user public key in all these databases? When storing the public keys, why not the user store his keys in these distributed servers? Can you really believe that storing your keys under one company control can bring security?

Re:Can a central repository bring security? (0)

Anonymous Coward | more than 9 years ago | (#11042850)

If the sender signs their message, wouldn't it not be possible for the FBI to re-sign it once they open it, read the message, and forward it to you?

I understand that they've already got the content of the message at that point, but at least the recipient would know about it once they got an unsigned, but encrypted, message.

Re:Can a central repository bring security? (1)

Gemini (32631) | more than 9 years ago | (#11042925)

A central repository of public keys can bring problems, for example, if the central repository is located in USA and the FBI want to do a man-in-the-middle attack? How can you be assured that the public key from the guy you want to send a encrypted message is realy the correct public key?

That's not how PGP works. Just because a key comes from a particular keyserver doesn't mean that it is the right one. A keyserver just provides a convenient place to stick keys. The web of trust (which is local to your machine) tells you if a particular key is to be trusted or not.

This new keyserver doesn't change that. It just provides a convenient way to weed out clearly invalid keys so you don't have to bother with them. It's also opt-in: if you don't like that feature, use one of the many other keyservers out there located across the world [cryptnet.net] .

Re:Can a central repository bring security? (1)

dbitch (553938) | more than 9 years ago | (#11043080)

Well, sure, the FBI could implement a man in the middle attack, but if you're that paranoid (or interesting) that the FBI would want to do that, then you'll be signing your keys with direct exchange anyway. It's all a matter of how much security you want. If you don't want sysadmin Joe to read your mail, then you'll be encrypting it, but you're too lazy to sign the person's key you're sending it to. If, however, you're dealing in drugs, or, *gasp* something more dangerous (like dubya might want your head) then you'll be damn sure that your keys are signed, and that they're NOT publicly available.

Really, there are easier ways to break public key encryption if you haven't taken the necessary precautions - all the FBI has to do is install a keylogger and they have your passphrase, sieze your computer and they've got your private key - what more do they need to BE you? You also need to consider those problems on the recieving end too. Those are all order of magnitude easier than cracking a good 256 bit blowfish.

Central servers make it easier to prevent CASUAL perusal of your mail, nothing else. If they're sophisticated enough to mount a man-in-the-middle, then they can install a keylogger too. So I don't think that this is a terrible idea.

Re:Can a central repository bring security? (4, Informative)

Just Some Guy (3352) | more than 9 years ago | (#11043229)

if the central repository is located in USA and the FBI want to do a man-in-the-middle attack?

Not unless you're amazingly trusting of the repository. Read up on the "web of trust" and how to personally verify the keys you're using to send messages.

For example, my pubkey has been signed by several friends, and I have signed their pubkeys in kind. If I get a signed email from Charlie (whom I don't know), but his pubkey has been signed by Bob (whom I do know) using his key that I myself signed, then there is a direct path of trust between Charlie and me. If I believe that Bob is an honest guy who wouldn't have signed Charlie's key without personally verifying his identity, then I have cause to that key.

It's hard to explain the web of trust without making it sound more complicated than it really is. It's somewhat analogous to a friend introducing you to a person you've never met before. If your friend is very gullible, then you won't put much confidence in the ID of the person they're introducing. If your friend is, say, a loan officer who just spent the last month vetting the new person's identity, then you can be reasonably sure that they're giving you accurate information about that person.

Which brings us back to your question. If you're corresponding with a new contact with no trust pathway to that person, then you have exactly zero reason to believe in their identity simply because they were able to download GnuGP and create a new key. However, if that new person's key was signed by Alice, whose key was signed by Charlie, whose key was signed by Bob, whose key was signed by you, then you have at least some reason to think they're who they say they are.

There is no real concept of blindly trusting a new person in real life. GnuPG does not magically change this.

Obligatory Kids in the Hall References (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11042809)

I'm crushing your head! Crush, crushing, crush, crush! Flathead!!

My hands! It is as if I am seeing them for the first time! Look! A claw! My hands! [pause] My penis!!

30 Helens agree...

OT: WOTSAP (1)

m50d (797211) | more than 9 years ago | (#11042819)

I've found that the pgp wotsap has been down recently. Is there any other site that will do the same thing, i.e. find a path from my key to a key I want to trust?

Keyserver Summary (Article Link Text) (1)

shaneh0 (624603) | more than 9 years ago | (#11042832)

New PGP Global Directory

The PGP Global Directory is a free service designed to make it easier to find and trust the universe of PGP keys. The PGP Global Directory replaces the current public PGP Keyserver, facilitating worldwide key management and access for all PGP users. Following are the main features and benefits of the new PGP Global Directory:

* Verified directory of PGP keys Every 6 months, PGP Corporation will notify the email addresses associated with the keys in the PGP Global Directory to verify users' desires to have their keys publicly available.

* Increased trust Users will be actively managing and verifying the availability of their keys in the PGP Global Directory so other PGP users will know that available keys have been validated within the last 6 months.

* Automatic posting of PGP keys Users no longer have to take the manual of step of posting a new key to the new PGP Global Directory. Active users' keys will be automatically migrated to the PGP Global Directory, increasing the likelihood of receiving encrypted messages from other PGP users.

* Default searching of the PGP Global Directory Future releases of PGP products will automatically default to searching the PGP Global Directory. If a PGP key is posted publicly, PGP products are designed to find it.

* Easier to send encrypted messages Another option introduced in new PGP products is to automatically encrypt a message if a PGP key is found. This new functionality makes it easier for the worldwide community of PGP users to send and receive encrypted emails.

For complete product information, download the PGP Global Directory data

A Big Step... (3, Insightful)

shaneh0 (624603) | more than 9 years ago | (#11042976)

Perceived Value is very closely tied to percieved scarcity. As people begin to *realize* that their privacy is as scarce as it actually is, people will begin to value their privacy ergo encryption.

Feeding that will be dirt simple encryption applications that make it so EASY to encrypt and decrypt that you might as well do it. (Like, for example, the application I'm finishing right now but refuse to plug until it's released)

The biggest problem now is that if a developer wants to include Public Key encryption abilities in has app he has to create an entire key management system and force users to gather the keys of all their contacts manually because there's just no other way. How many users are going to do that for a program that they only kinda think they need?

If you want the answer to that question, look at the percentage of users who currently encrypt any large part of their communication (SSL excluded?)

YRO? (0)

Anonymous Coward | more than 9 years ago | (#11043172)

What the heck is this article doing in Your Rights Online? There's no legal/government issue here...

OpenPGP set to become global standard (3, Informative)

Mstrgeek (820200) | more than 9 years ago | (#11043313)

well done wrtie up on this topic

http://www.itweek.co.uk/news/1118258

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?