[conspire] Offering GPG/PGP Workshop at CABAL

Rick Moen rick at linuxmafia.com
Wed May 14 11:35:42 PDT 2008

Quoting Daniel Gimpelevich (daniel at gimpelevich.san-francisco.ca.us):
> On Tue, 13 May 2008 21:06:29 -0700, Rick Moen wrote:
> > Have you ever encountered a real-world deployment of S/MIME that was
> > _not_ a top-down corporate/institutional mail solution?  Those don't 
> > need much community help, and I also cannot see most CABAL members
> > paying two Thawte (or whoever) notaries to certify their in-person
> > identities -- without which, the cert isn't much use.
> Au contraire, the cert can positively establish identity (which is not
> necessarily an in-person identity) without any verification at all.

But nobody's going to believe it without having either gotten the cert
directly from you (which isn't going to happen) or it being certified by
a recognised notary.  Which is why the notaries exist.  Thus the
not-accidental tendency towards a centralised model, S/MIME having been
designed mostly for the corporate/institutional crowd's needs.

Whereas, PGP/GnuPG was explicitly designed for a decentralised
web-of-trust model.  QED.

> This is true of both GPG/PGP and SSL.

You seem to have missed the main point:  A crypto identity that merely
says "Hi, I represent person X.  Trust me" has a bootstrapping problem.

> The more a particular signature is used by an individual, the more
> obvious it becomes that that's whose signature it is.

And how does one know that an S/MIME cert _is_ from a specific
individual, if that individual neither conveyed it to you directly nor
paid to have it attested to by a notary whom you both agree to trust?
You cannot.  Thus my point.

> > Much of the value of GnuPG (and PGP, and the OpenPGP standard) lies
> > in the fact that it relies a broadbased, bottom-up web of trust --
> > in contrast.
> Nothing about S/MIME requires bringing in notaries to verify anything
> even to get a certification of an in-person identity. 

Nor did I so claim.  What I said -- and you evidently weren't paying
attention -- is that without notaries, the cert isn't much use.  (I
didn't bother to mention the alternative of directly conveying certs from
individual to individual.)

Key management, you see, is _the_ basic problem of crypto, dwarfing
other problems in scale.  I believe I already mentioned that fact in my
GnuPG tutorial/lecture notes.

Daniel, this dialogue is tedious.  Argue with what I said if you wish,
but please don't argue with what I didn't say.

> I fail to see how GPG/PGP's "broadbased, bottom-up" web of trust has
> any conceptual differences from what CAcert incorporates:
> http://wiki.cacert.org/wiki/FAQ/AssuranceIntroduction#head-3321b1b3739278f8e8d378f6cf5267199fe342d9

I believe you (that you cannot see that).

You presumably believe that you can get people to take S/MIME certs
seriously without paying for Thawte (or similar) notary services.  In my
experience, that is just not the case.  

If your experience differs, feel free to tell us all about it.  Pardon
my cynicism, but, until then, I'll nurse the suspicion that you have
fsck-all experience with the field, but just wanted to get Mark to
justify why he's lecturing about subject Y rather than subject X, for no
better reason than that you can.

> Then again, the self-signed cert at https://linuxmafia.com could
> theoretically also be used to sign its very own web of trust of SSL certs...

Nobody with a grain of sense trusts that cert to begin with, except me
and the people I've helped verify that it really is reliable.  Which I
believe also helps underline my point.

More information about the conspire mailing list