[Parl-user] getting from trustworthy to trusted

Jonas Smedegaard dr at jones.dk
Thu May 29 09:53:18 UTC 2014


Hi DebianParl users,

In the Greens/EFA pilot we use DebianParl for trusted email.

Till now, we have explored that...

  * DebianParl is a strictly personal system, secured with passwords:
    + Disk is encrypted when machine is turned off
    + Programs are started and documents stored inside a user account
    + PGP private key is stored in an encrypted file
    + Noone but system owner operates the system, ever!

  * Email is standards-based internet mail, with standards-based PGP:
    + Program used is Mozilla Thunderbird (rebranded as Iceweasel)
    + Any mail account accessible with imap and smtp is usable
    + PGP is handled with mail plugin Enigmail and backend tool GnuPG 
      and activated via wizard (considering all suggested settings)

  * Trust is offered, verified, and secured - only then reliable:
    + Create PGP keypair via Enigmail wizard
    + Publish public PGP key
    + Sign emails you send, to offer trust in you as sender
    + Verify trust offers by meeting key owner and check fingerprint
    + Secure verified trust by signing (no longer) alien public key

NB! If you don't recogniz all of above even though you paid attention at 
the workshops (all who attended paid attention, I believe), then don't 
worry: We didn't label it all while diving in, some we just clicked on 
and used without further reflection.  Now you know the names for it :-)

With above in place, we can...

  * Extend trust, through sharing key signatures

  * Encrypt messages (but not who or when or other metadata!)

  * Do housekeeping:
    + Keep a backup of PGP keys at safe place, e.g. in a safety box
    + Keep backup of data, encrypted
    + Refresh keys of others (they might expire or be revoked
    + Create and keep revocation certificate at a safe place

We will look at that at our next workshop, 2nd or 4th week of July.


Looking forward to meet you all again,

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 966 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/parl-user/attachments/20140529/541951a9/attachment.sig>


More information about the Parl-user mailing list