[Pkg-gnupg-maint] Bug#519333: gnupg: Please include support for encrypted keyserver queries [PATCH]
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Mar 23 14:17:07 UTC 2009
On 03/23/2009 06:18 AM, Werner Koch wrote:
> On Fri, 20 Mar 2009 20:42, dkg at fifthhorseman.net said:
>
>> I'd prefer to be able to use an encrypted channel to these particular
>> machines, which i have reason to believe will not betray that trust.
>
> Your goal is not encryption but anonymouse key retrieval. Using TOR is
> an easier and better alternative.
Sorry, but i disagree. the quasi-anonymity provided by OpenPGP
certificate retrieval via cleartext HKP over tor does not:
* assure me that the host i'm connecting to is in fact the keyserver
which i trust to return reasonable information, or
* assure me that data has not been tampered with in transit between the
tor exit node and the keyserver, or
* hide my queries from an snoop on the same network segment as the
keyserver or anywhere between the tor exit node and the keyserver.
My particular collection of OpenPGP certificates (certs whose updates
would be fetched en masse during something like "gpg --refresh-keys")
probably represents a rare enough subset of the global keyspace to be
able to identify as me to a sufficiently motivated attacker.
While tor is certainly a good option to obscure where i'm connecting
*from* (something which hkps does not achieve), it does not meet the
same goals as a TLS-wrapped connection to a keyserver.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20090323/59aedc47/attachment.pgp
More information about the Pkg-gnupg-maint
mailing list