Mailing List Archive

--lsign --add-me or the invisible WoT
Hi all,

now since we have Hagrid and WKD I was wondering if in the future an
additional paramemter like --add-me for --lsign would make sense, for
people still in need of a WoT?

The idea would be that people --lsign each others keys and GnuPG,
or other public key crypto software, would then save an additional
file in the key ring, allowing users to exchange that blob so that
only they can see that other people, which belong to their WoT, have
lsigend their pub key.

Well, just a thought ...

Regards
Stefan

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: --lsign --add-me or the invisible WoT [ In reply to ]
Stefan Claas via Gnupg-users wrote:

> Hi all,
>
> now since we have Hagrid and WKD I was wondering if in the future an
> additional paramemter like --add-me for --lsign would make sense, for
> people still in need of a WoT?
>
> The idea would be that people --lsign each others keys and GnuPG,
> or other public key crypto software, would then save an additional
> file in the key ring, allowing users to exchange that blob so that
> only they can see that other people, which belong to their WoT, have
> lsigend their pub key.
>
> Well, just a thought ...

To be more precise, when exporting a blob it should be something like
--export-blob Alice, so that users can individually choose what parts
of the blob will be exchanged, so that they do not have to reveal the
whole blob, containing all lsigned users.

Regards
Stefan

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: --lsign --add-me or the invisible WoT [ In reply to ]
On Sat, 20 Jul 2019 11:57, gnupg-users@gnupg.org said:

> additional paramemter like --add-me for --lsign would make sense, for

--quick-sign-key fpr [names]
--quick-lsign-key fpr [names]

Directly sign a key from the passphrase without any
further user interaction. The fpr must be the verified
primary fingerprint of a key in the local keyring. If no
names are given, all useful user ids are signed; with
given [names] only useful user ids matching one of theses
names are signed. By default, or if a name is prefixed
with a '*', a case insensitive substring match is used.
If a name is prefixed with a '=' a case sensitive exact
match is done.

The command --quick-lsign-key marks the signatures as
non-exportable. If such a non-exportable signature
already exists the --quick- sign-key turns it into a
exportable signature.

This command uses reasonable defaults and thus does not
provide the full flexibility of the "sign" subcommand from
--edit-key. Its intended use is to help unattended key
signing by utilizing a list of verified fingerprints.


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: --lsign --add-me or the invisible WoT [ In reply to ]
Werner Koch wrote:

> On Sat, 20 Jul 2019 11:57, gnupg-users@gnupg.org said:
>
> > additional paramemter like --add-me for --lsign would make sense, for
>
> --quick-sign-key fpr [names]
> --quick-lsign-key fpr [names]
>
> Directly sign a key from the passphrase without any
> further user interaction. The fpr must be the verified
> primary fingerprint of a key in the local keyring. If no
> names are given, all useful user ids are signed; with
> given [names] only useful user ids matching one of theses
> names are signed. By default, or if a name is prefixed
> with a '*', a case insensitive substring match is used.
> If a name is prefixed with a '=' a case sensitive exact
> match is done.
>
> The command --quick-lsign-key marks the signatures as
> non-exportable. If such a non-exportable signature
> already exists the --quick- sign-key turns it into a
> exportable signature.
>
> This command uses reasonable defaults and thus does not
> provide the full flexibility of the "sign" subcommand from
> --edit-key. Its intended use is to help unattended key
> signing by utilizing a list of verified fingerprints.

Thank you, but what I mean is having an exportable 'blob' for the lsign
command, which can be then exchanged and would not be compatible with
key servers, in case someone would try to upload such a blob. This is
what I mean with invisible WoT, so that users do not need to --sign
a key, use lsign instead but still having WoT sigs, without revealing
their WoT to other third parties. Hope this makes sense.

Regards
Stefan

--
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: --lsign --add-me or the invisible WoT [ In reply to ]
On 31/07/2019 14:58, Stefan Claas via Gnupg-users wrote:
> an exportable 'blob' for the lsign
> command, which can be then exchanged and would not be compatible with
> key servers, in case someone would try to upload such a blob

The keyservers (SKS at least) blacklist lsign packets already, so you're
not gaining anything here.

--
Andrew Gallagher
Re: --lsign --add-me or the invisible WoT [ In reply to ]
Andrew Gallagher wrote:

> On 31/07/2019 14:58, Stefan Claas via Gnupg-users wrote:
> > an exportable 'blob' for the lsign
> > command, which can be then exchanged and would not be compatible with
> > key servers, in case someone would try to upload such a blob
>
> The keyservers (SKS at least) blacklist lsign packets already, so you're
> not gaining anything here.
>

Correct. To make it a bit more clear ...

I lsign Bob's key so third parties do not know (normally) that I did
this. But how could my friend Alice trust Bob's key she has without
my non-exportable lsign sig?

What I tried to propose is an additional parameter, like --add-me
which would write a 'blob' to a second file.db where I can export
then Bob's blob (non-compatible to SKS etc.) with my --lsign sig,
and give it to my friend Alice. Later If Alice knows Bob better
or personally knows him she can --lsign --add-me Bob's key ('blob')
too and give it to her friend Mary. Mary would have then a 'blob"
from Bob containing my and Alice's lsigs, which are non-compatible
to key servers, but would be IMHO equal to classic WoT sigs.

So to speak it is meaned for little WoTs (for those who needs them)
where participants don't have to fear that their sigs are published
in the future on whatever key servers we have, to not reveal their
social graphs.

Regards
Stefan

--
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: --lsign --add-me or the invisible WoT [ In reply to ]
Stefan Claas:

>I lsign Bob's key so third parties do not know (normally) that I did
>this. But how could my friend Alice trust Bob's key she has without
>my non-exportable lsign sig?

>What I tried to propose is an additional parameter, like --add-me
>which would write a 'blob' to a second file.db where I can export
>then Bob's blob (non-compatible to SKS etc.) with my --lsign sig,
>and give it to my friend Alice.

I think, this can be done with GnuPG as it is:

In the following GnuPG invocations $TEMP_KEYRING stands for a
temporary key ring:

(1) export Bob's key from your default key ring, minimize it, and
import it into the temporary one.
$ gpg --export-options=export-minimal \
--export =user_id_of_Bob | \
gpg --no-default-keyring --keyring=$TEMP_KEYRING --import

Now you have Bob's public key minimized in the temporary key
ring.

(2) lsign a user id of Bob:
$ gpg --no-default-keyring --keyring=$TEMP_KEYRING \
--lsign =user_id_of_Bob

(3) export this version of Bob's public key into a public key
block Bob.pubkey, that you can give to Alice:
$ gpg --no-default-keyring --keyring=$TEMP_KEYRING \
--export-options=export-local-sigs \
--output Bob.pubkey \
--export

(4) import your local signature into your default key ring:
$ gpg --import-options=import-local-sigs --import Bob.pubkey

>Later If Alice knows Bob better
>or personally knows him she can --lsign --add-me Bob's key ('blob')
>too and give it to her friend Mary.

Alice would do the same: Import Bob's keyblock Bob.pubkey
into a temporary key ring using
--import-options=import-local-sigs, lsign it there, export it
using --export-options=export-local-sigs into
Bob.pubkey, give Bob.pubkey to Mary and import
Bob.pubkey using --import-options=import-local-sigs in
her default key ring.


Regards
Friedhelm
Re: --lsign --add-me or the invisible WoT [ In reply to ]
Friedhelm Waitzmann wrote:

> Stefan Claas:
>
> >I lsign Bob's key so third parties do not know (normally) that I did
> >this. But how could my friend Alice trust Bob's key she has without
> >my non-exportable lsign sig?
>
> >What I tried to propose is an additional parameter, like --add-me
> >which would write a 'blob' to a second file.db where I can export
> >then Bob's blob (non-compatible to SKS etc.) with my --lsign sig,
> >and give it to my friend Alice.
>
> I think, this can be done with GnuPG as it is:

[snip]

Thank you very much Friedhelm!

Best regards
Stefan

--
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users