
Re: State of the debian keyring



On Sun, Feb 23, 2014 at 02:10:12PM +0800, Paul Wise wrote:
> On Sun, Feb 23, 2014 at 8:35 AM, Gunnar Wolf wrote:
> 
> > So, what do you suggest?
> 
> Set a deadline (say 1 year?) for removal of all 1024 bit keys from the
> keyring. Notify all users of 1024 bit keys via all addresses listed in
> the MIA db and all UIDs on those keys. Remind people that coming to
> DebConf is a great way to get signatures. Talk to the DPL about
> spending Debian funds to help push this along. At the deadline, move
> all Debian members still using 1024 bit keys who responded to emeritus
> status and everyone else to disabled.

I have been meaning to sit down and write a proposal for the removal of
our weaker keys, and run it by Gunnar and Daniel before wider
distribution. Part of my reticence is the knowledge that we're going to
have to do 600 key replacements and it probably works out to at least 5
minutes per key change, which is at least 50 hours of work, assuming the
requests are all well formed and we don't need to go repeating
ourselves about how to submit key change requests.

In an attempt to reduce problems, let me describe some of the
problems we see (all of this is in the context of someone taking an
existing key that is not believed to be compromised and replacing it
with a stronger key):

 * Requests must be inline signed (gpg --clearsign). Unfortunately RT
   will mangle PGP/MIME signatures, which means we can't verify them.
   (It will also decide to re-encode email in UTF-8, which causes issues
    for people with non-ASCII characters in their .sigs or names, but
    this is a much less frequent issue.)

 * Requests need to include the full fingerprint of both the old and the
   new key. Not just the key IDs. Not just the new key. We want to be
   absolutely certain of what you're requesting replaced. I quite like
   seeing the actual "gpg --fingerprint" output for both keys because it
   tends to be quite easy to visually verify.

 * The new key must be signed by the old key that is being replaced.

 * The new key must be signed by 2 other keys that are present in the
   Debian keyring.

 * The request must be signed by the old key. Signing the request with
   the new key alone is not helpful - requests must always be signed by
   a key that is currently in the active keyring. Signing it with both
   is fine, but not required.

 * You should specify *why* you want to replace your key. Knowing that
   it's because you're moving to a stronger key rather than because your
   old key is compromised / unavailable / on fire helps us prioritise
   things.

The time frame I'd had in mind was 6 months until we disable 1024 bit
keys in the keyring, then perhaps a 3 month grace where we'll allow
change requests to be signed by those disabled keys, then treat them as
completely untrusted. At this point that would mean that post DebConf
we'd do the disabling, and then by the end of the year we'd be 1024 bit
free.

I know that there are various people who have held off on submitting
updated keys until they get more signatures. I believe I've already said
it elsewhere, but at this point if you have 2 signatures from other DD
keys on your new key you should be sending a request for replacement to
keyring@rt.debian.org (with something like "Debian RT - Key replacement
request for <debianusername>" in the subject) following the above
guidelines.

J.

-- 
                                            xmpp:noodles@earth.li
Most people are descended from apes.  Redheads are descended
from cats.
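The key-signature requirements listed in the post (new key signed by the old key, and by at least two other keys in the active keyring, with full fingerprints of both keys in the request) can be checked mechanically. This is an added example, not keyring-maint's tooling: it parses constructed `gpg --with-colons --list-sigs` output for the new key, and every fingerprint, key ID and name in it is made up.

```python
import re

# Constructed fingerprints (40 hex); a long key ID is the last 16 hex digits.
NEW_FPR = "A" * 24 + "AAAAAAAAAAAAAAA1"
OLD_FPR = "B" * 24 + "BBBBBBBBBBBBBBB2"
DD1_FPR = "C" * 24 + "CCCCCCCCCCCCCCC3"
DD2_FPR = "D" * 24 + "DDDDDDDDDDDDDDD4"

# Constructed sample of `gpg --with-colons --list-sigs <newkey>`:
# field 1 is the record type, field 5 of a "sig" record is the signer's key ID,
# field 10 of an "fpr" record is the fingerprint.
NEW_KEY_LISTING = f"""\
pub:-:4096:1:{NEW_FPR[-16:]}:1390000000::::::::::
fpr:::::::::{NEW_FPR}:
uid:-::::1390000000::HASH::Example DD <dd@example.org>::::::::::
sig:::1:{NEW_FPR[-16:]}:1390000000::::Example DD <dd@example.org>:13x:::::2:
sig:::17:{OLD_FPR[-16:]}:1390100000::::Example DD (old key) <dd@example.org>:10x:::::2:
sig:::1:{DD1_FPR[-16:]}:1390200000::::Other DD <other@example.org>:10x:::::2:
sig:::1:{DD2_FPR[-16:]}:1390300000::::Third DD <third@example.org>:10x:::::2:
sig:::1:EEEEEEEEEEEEEEE5:1390400000::::Not a DD <someone@example.net>:10x:::::2:
"""

HEX40 = re.compile(r"(?:[0-9A-Fa-f]{4}\s*){10}")

def fingerprints_in_request(text):
    """Full 40-hex fingerprints in a request body; accepts the spaced form
    that `gpg --fingerprint` prints, so pasted output works."""
    return {re.sub(r"\s", "", m).upper() for m in HEX40.findall(text)}

def parse_listing(listing):
    """Return (primary fingerprint, set of signer key IDs) from colon output."""
    own_fpr, signers = None, set()
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "fpr" and own_fpr is None:   # first fpr record: primary key
            own_fpr = f[9]
        elif f[0] == "sig":
            signers.add(f[4])
    return own_fpr, signers

def check_replacement(listing, old_fpr, keyring):
    """keyring: set of fingerprints in the active keyring. Returns a list of
    problems; an empty list means the signature requirements are met."""
    new_fpr, signers = parse_listing(listing)
    signers.discard(new_fpr[-16:])              # drop the self-signature
    by_keyid = {k[-16:]: k for k in keyring}
    problems = []
    if old_fpr not in keyring:
        problems.append("old key is not in the active keyring")
    if old_fpr[-16:] not in signers:
        problems.append("new key is not signed by the old key")
    others = {by_keyid[k] for k in signers if k in by_keyid} - {old_fpr}
    if len(others) < 2:
        problems.append(f"only {len(others)} signatures from other keyring keys (need 2)")
    return problems
```

Verifying that the request itself is clearsigned by the old key is left to `gpg --verify`; this only covers the fingerprint and key-signature rules.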
