Re: PGP signing releases

On Mon, 3 Feb 2003, Kurt Roeckx wrote:

> I'm not saying md5 is as secure as pgp, not at all, but you can't
> trust those pgp keys to be the real one either.

Sure you can. Just verify that they've been signed by someone you trust.

For example, next time I happen to run into Bruce Momjian, I hope he'll
have his PGP key fingerprint with him. I can a) verify that he's the
same guy I who, under the name "Bruce Momjian," was giving the seminar I
went to last weekend, and b) check his passport ID to see that the U.S.
government believes that someone who looks him is indeed "Bruce Momjian"
and a U.S. citizen. That, for me, is enough to trust that he is who he
says he is when he gives me the fingerprint.

I take that fingerprint back to my computer and verify that the key I
downloaded from the MIT keyserver has the same fingerprint. Then I sign
that key with my own signature, assigning it an appropriate level of trust.

Next time I download a postgres release, I then grab a copy of the
postgres release-signing public key, and verify that its private key was
used to sign the postgres release, and that it is signed by Bruce's key.

Now I have a direct chain of trust that I can evaluate:
   1. Do I believe that the person I met was indeed Bruce Momjian?
   2. Do I trust him to take care of his own key and be careful signing   other keys?
   3. Do I trust his opinion that the postgres release-signing key that   he signed is indeed valid?
   4. Do I trust the holder of the postgres release-signing key to have   taken care of the key and have been careful
aboutsigning releases   with it?
 

Even if you extend this chain by a couple of people, that's trust in a
lot fewer people than you're going to need if you want to trust an MD5
signature.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974   http://www.netbsd.org   Don't you know, in this new Dark Age, we're
alllight.  --XTC