 |  |  |
 |
PGP can benefit from identification obligationSeveral countries oblige their citizens to always carry a form of identification when they are in the streets. This is usually enforced with security in mind. Rather than diving into the ethics of this solution, I now want to address how such obligations can be exploited to the advantage of PGP. The web of trust that surrounds PGP improves when more people acknowledge each other's keys. There is no central organisation to acknowledge that keys have been verified to belong to their claimed users, and it would actually be in contrast with the beliefs of the web of trust to have such a central organisation. The validation of users' identities is performed in a distributed, almost anarchistic manner, with the advantage that there is no central point for attacks on this network. In the web of trust, you may have to traverse a short sequence of keys to get the identity on a newly found key confirmed. The quality of the web of trust improves when this becomes more reliable. One factor that helps in this sense is having multiple, non-overlapping paths from your key to the key whose identity you are trying to get confirmed. Another factor that advances the web of trust is if such paths are shortened -- the less intermediate persons/keys needed to confirm someone's identity, the better it is. It is interesting to see that the web of trust is tightening and thus maturing. PGP users increasingly collect more signatures on their keys. It is a simple service to sign someone else's keys, and it normally involves reviewing a proof of their identity. It often takes place during conferences where people arrange to meet and validate each other's keys for later signing. When an identification obligation was introduced in my own country, I realised an opportunity to greatly improve the web of trust. Since everyone in the Netherlands now carries their identity, it is always possible to validate it. The only extra ingredient needed is a way to get their fingerprint (the data used for key signing at a later time) and a way to spot other PGP-minded souls. It is simple enough to carry PGP fingerprints on a small paper and hand these out to those who wish to sign your key. Another approach would be to send an SMS to the other person, containing the fingerprint and possibly a bit more information. A mobile phone that supports pre-entered SMS text would serve quite well for that purpose. A standard text would be: Please sign my PGP key: 1024D / CD46 B5F2 E876 A5EE 9A85 1735 1411 A9C2 8975 4606 On my ID you found my name: Henderikus van Rein Thanks a lot! This takes 147 bytes, so it fits in a single SMS message. The location of the key can be a standard key server. Email addresses are contained in the PGP key, and so is the acclaimed identity that should be verified. It is common to accept local variations, such as William=Bill or (in this case) Henderikus=Rick. As a security precaution, write your fingerprint on a sticker, use a pen to sign it and laminate it onto some card that you already carry with you. For instance on the back of your identity card. After the other party received your SMS (which normally happens in your presence) ask them to verify it with this written-down code. This protects you against fiddling with your phone with the long-term stored SMS text. This way, you need not worry about leaving your phone in the dresser room while you practice your favourite sport. Always try to sign mutually. Not only because it is polite to do so, but also because it increases your value in the so-called strong set of PGP keys; this is the largest set of keys from which at least one path exists between any pair of keys. Spotting people who are interested in PGP cross-signing is similarly straightforward. All you need to do is wear a T-shirt that is sufficiently loud. Chances are, if you are wearing a T-shirt, that you are in the proper mood for PGP key exchange. If you are wearing a tuxedo your PGP exchange service is temporarily unavailable, which probably makes sense. Note that the obligation to carry an ID is not a necessary ingredient to make this scheme work; it merely makes it simpler. If you care about PGP, you will still wear that T-shirt and make sure you are ready to hand out your fingerprint and prove your identity. Makers of T-shirts and similar lifestyle stock are explicitly invited to enter their offerings in the discussion forum for this topic (and only for this topic). We would enjoy seeing them sell large amounts of their products. If you make a product along these lines, please be so kind to submit a sample item to us. And make sure to credit OpenFortress with a link to this article. Current offerings that we know of are:
Posted on Sun, 09 Jan 2005, 00:00. |
spin-off |  |