OpenPGP introduction and skillshare
-----------------------------------

Debian, like any reasonable modern operating system or development
community, relies heavily on authenticated, unforgeable messages to
ensure that our infrastructure can't be trivially compromised.  In
particular, each Debian Developer and Debian Maintainer needs to
maintain their own OpenPGP key.  Most of us use GnuPG for this
purpose.

But OpenPGP (and cryptographic certification and signatures generally)
can be a finicky topic, and it can be frustrating or worrisome when
you're not sure whether what you're doing puts your own digital
identity or the project's infrastructure at risk.

This workshop and skillshare will help people feel more comfortable
and confident using and maintaining their OpenPGP keys securely, ask
questions (and get feedback), and suggest useful patterns and
workflows to others.

---------------------------------


Daniel Kahn Gillmor <dkg@fifthhorseman.net>

0EE5BE979282D80B9F7540F1CCD2ED94D21739E9


OpenPGPv4 overview
==================

 * why?
  - identity
    - confidentiality
    - integrity
    - reputation

Debian-specific
===============

 * mailing lists (human-to-human)
 * voting
 * password resets for DSA machines, LDAP, etc.
 * signing .dsc and .changes (uploading)
 * dcut
 * apt (Release.gpg)
 * identifying new people in debian (introductions)
 * role keys
 * Signatures on VCS commits (not Debian-specific)

 * Certificate structure (. = exactly one, + = one or more, * = zero or more):

 └┬╴. Primary Key
  ├─╴* Direct Key Signature
  ├┬╴+ User ID (UID)
  │└─╴+ Identity Signature (Certification)
  ├┬╴* User Attribute (UAT) (e.g. photo ID)
  │└─╴+ UAT Signature (Certification)
  └┬╴* Subkey
   └─╴+ Subkey Binding Signature

local keyrings -- public, secret
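The fingerprint quoted at the top of this page is derived directly from the packet structure above: it is SHA-1 over the version-4 primary-key packet, and the long and short key IDs are nothing more than its trailing bytes. The following is an added worked example, not code from the notes or from GnuPG; it serializes and parses a v4 public-key packet (RFC 4880) and computes the fingerprint and key IDs. The 64-bit "modulus", creation time and algorithm are constructed for illustration and are not a real key.

```python
import hashlib
import struct

ALGO_RSA = 1  # RFC 4880 §9.1 public-key algorithm id for RSA


def encode_mpi(value):
    """OpenPGP multi-precision integer (RFC 4880 §3.2): two-octet bit count,
    then the big-endian magnitude without leading zero octets."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def decode_mpi(buf, offset):
    """Decode one MPI at buf[offset:]; return (value, offset_after)."""
    if offset + 2 > len(buf):
        raise ValueError("truncated MPI length")
    (bits,) = struct.unpack_from(">H", buf, offset)
    end = offset + 2 + (bits + 7) // 8
    if end > len(buf):
        raise ValueError("truncated MPI body")
    return int.from_bytes(buf[offset + 2:end], "big"), end


def public_key_body(created, algo, mpis):
    """Body of a version 4 public-key packet (RFC 4880 §5.5.2): version octet,
    creation time, algorithm id, then the algorithm's MPIs (for RSA: n, e)."""
    return (bytes([4]) + struct.pack(">I", created) + bytes([algo])
            + b"".join(encode_mpi(m) for m in mpis))


def public_key_packet(body):
    """Old-format packet header for tag 6 with a two-octet length:
    0x80 | (6 << 2) | 1 == 0x99.  That is exactly the 0x99 || length prefix
    RFC 4880 §12.2 hashes, so the fingerprint is SHA-1 of the whole packet."""
    if len(body) > 0xFFFF:
        raise ValueError("body too long for a two-octet length")
    return bytes([0x99]) + struct.pack(">H", len(body)) + body


def parse_public_key_packet(pkt):
    """Parse a packet back; rejects anything that is not a v4 tag-6 packet."""
    if len(pkt) < 3 or pkt[0] != 0x99:
        raise ValueError("expected an old-format tag 6 packet with a two-octet length")
    (length,) = struct.unpack_from(">H", pkt, 1)
    body = pkt[3:3 + length]
    if len(body) != length or length < 6:
        raise ValueError("truncated packet body")
    if body[0] != 4:
        raise ValueError("only version 4 keys are handled here")
    (created,) = struct.unpack_from(">I", body, 1)
    mpis, off = [], 6
    while off < length:
        value, off = decode_mpi(body, off)
        mpis.append(value)
    return {"created": created, "algo": body[5], "mpis": mpis, "body": body}


def is_well_formed(pkt):
    try:
        parse_public_key_packet(pkt)
        return True
    except ValueError:
        return False


def v4_fingerprint(body):
    """RFC 4880 §12.2: SHA-1 over 0x99, two-octet body length, body; 40 hex digits."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def packet_sha1(pkt):
    """SHA-1 of the serialized packet; equals the fingerprint (see public_key_packet)."""
    return hashlib.sha1(pkt).hexdigest().upper()


def key_ids(fingerprint):
    """Long (64-bit) and short (32-bit) key IDs are the trailing bytes of the
    fingerprint.  A short ID has only 2^32 possible values, so a key with a
    colliding short ID is cheap to generate: that is why the gpg.conf on this
    page uses keyid-format 0xlong, and why the full fingerprint is what you
    compare at a keysigning."""
    return "0x" + fingerprint[-16:], "0x" + fingerprint[-8:]


# Constructed sample key: a toy 64-bit modulus and e=65537, not real key material.
SAMPLE_CREATED = 1342137600          # 2012-07-13 00:00:00 UTC
SAMPLE_MPIS = [0xC4F3A1B2D5E6F708, 65537]


def sample_packet():
    return public_key_packet(public_key_body(SAMPLE_CREATED, ALGO_RSA, SAMPLE_MPIS))


if __name__ == "__main__":
    pkt = sample_packet()
    info = parse_public_key_packet(pkt)
    fpr = v4_fingerprint(info["body"])
    print("fingerprint:", fpr)
    print("long id, short id:", key_ids(fpr))
```

With a real key, `gpg --export 0xLONGID | head -c 3` starts with the same 0x99 header, so the same function reproduces what `gpg --fingerprint` prints.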

Key usage
=========

 - Certification
   signing other keys (their User IDs); the basis of the Web of Trust (== signatures within the OpenPGP system)
 - Signing
   signing mails, uploads, commits, ... (== signatures over external data)
 - Authentication
   proving possession of the key to a service, e.g. ssh login with an authentication subkey served by gpg-agent
 - Encryption
   confidentiality; normally an encryption-only subkey
 
 Trust (ownertrust: your private judgement of a key's owner, kept in your own trustdb, never exported) vs validity (public: computed from the certifications on the key)
   - exceptions: trust signatures (tsign) publish a trust assertion inside a certification; local signatures (lsign) are certifications flagged non-exportable
 
 revocation (generate a revocation certificate while the key is still healthy and keep it offline; once published, a revoked key stops being valid for everyone who refreshes it)
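The trust/validity distinction and the effect of revocation are easiest to see by running the validity computation on a small keyring. The following is an added example, not GnuPG's code: a simplified re-implementation of the defaults of GnuPG's classic trust model (marginals-needed 3, completes-needed 1, max-cert-depth 5) using gpg's ownertrust names. Trust signatures are not modelled, and the keyring, names and certifications are constructed for the example.

```python
# Ownertrust is what you privately assign to a key's owner (gpg --edit-key, "trust");
# validity is what gpg derives for a key from the certifications on it.  This is a
# simplified model of GnuPG's classic trust computation, written for this example.

MARGINALS_NEEDED = 3
COMPLETES_NEEDED = 1
MAX_CERT_DEPTH = 5


def compute_validity(certs, ownertrust, revoked=(), marginals_needed=MARGINALS_NEEDED,
                     completes_needed=COMPLETES_NEEDED, max_cert_depth=MAX_CERT_DEPTH):
    """certs: {key: set of keys that certified it}; ownertrust: {key: 'ultimate' |
    'full' | 'marginal' | 'never' | 'undefined'}; revoked: keys whose revocation
    certificate has been seen.  Returns {key: 'full' | 'marginal' | 'unknown'}."""
    revoked = set(revoked)
    keys = set(certs) | set(ownertrust) | {c for cs in certs.values() for c in cs}
    validity = {k: "unknown" for k in keys}
    # Ultimately trusted keys (your own) are the roots: valid by assertion.
    for k, t in ownertrust.items():
        if t == "ultimate" and k not in revoked:
            validity[k] = "full"
    for _hop in range(max_cert_depth):
        # Only fully valid, unrevoked keys get to spend their ownertrust: a
        # certification from a key you have not validated proves nothing,
        # however much you would trust its owner.
        completes = {k for k in keys if validity[k] == "full" and k not in revoked
                     and ownertrust.get(k) in ("full", "ultimate")}
        marginals = {k for k in keys if validity[k] == "full" and k not in revoked
                     and ownertrust.get(k) == "marginal"}
        changed = False
        for key, certifiers in certs.items():
            if key in revoked or validity[key] == "full":
                continue          # revoked keys never validate; full cannot improve
            n_full = len(set(certifiers) & completes)
            n_marg = len(set(certifiers) & marginals)
            if n_full >= completes_needed or n_marg >= marginals_needed:
                new = "full"
            elif n_full or n_marg:
                new = "marginal"
            else:
                new = validity[key]
            if new != validity[key]:
                validity[key] = new
                changed = True
        if not changed:
            break
    return validity


def sample_keyring():
    """Constructed scenario; the names are placeholders, not real keys."""
    ownertrust = {"me": "ultimate", "alice": "marginal", "bob": "marginal",
                  "carol": "marginal", "trudy": "full"}
    certs = {
        "alice": {"me"}, "bob": {"me"}, "carol": {"me"},  # certified by you at a keysigning
        "dave": {"alice", "bob"},                         # two marginal certifiers: not enough
        "erin": {"alice", "bob", "carol"},                # three marginal certifiers: full
        "frank": {"dave"},                                # dave is only marginally valid, no ownertrust
        "gina": {"trudy"},                                # full ownertrust, but trudy's key is not valid
    }
    return certs, ownertrust


if __name__ == "__main__":
    certs, ownertrust = sample_keyring()
    for key, v in sorted(compute_validity(certs, ownertrust).items()):
        print(key, v)
    print("after alice's revocation:",
          compute_validity(certs, ownertrust, revoked={"alice"})["erin"])
```

Note what `gina` shows: full ownertrust in `trudy` is private and means nothing to validity until `trudy`'s own key has been validated, and what `erin` shows after `alice` is revoked: a key's validity can drop without anything happening to that key itself.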
 
Public Keys
===========

keyserver network (HKP)

Public key distribution drawbacks/concerns:

 * social graph mapping (the certifications on a public key record who met whom)
 * "once published, always available" (keyservers do not delete; a regretted UID or photo stays)
 * identity leak on key refresh (a plain gpg --refresh-keys fetches every key in your keyring from one address in one session, telling the keyserver which keys you hold)

non-exportable signatures

HKPS (HKP over TLS), HKPMS (HKPS with the server certificate validated through Monkeysphere)

HKP-over-Tor  (keys.indymedia.org == hkp://2eghzlv2wwcq7u7y.onion)

parcimonie (refreshes one key at a time over Tor, at random intervals, so no single keyserver query reveals the whole keyring)


Secret Keys
===========

offline primary keys (the certification-capable primary key stays on offline media; the everyday machine holds only signing, encryption and authentication subkeys, so a laptop compromise costs subkeys that the primary key can revoke and replace, not your identity)

smartcards (private key material is generated on or loaded onto the token and never leaves it; the host only gets signing and decryption results)


Details
=======

digest, cipher, and asymmetric algorithms

multiple User IDs



Keysigning
==========

caff (signs each User ID separately and mails each certification encrypted to that UID's address, so only someone who can read that mailbox can import it)
 * MUA (the recipient has to decrypt, import and then publish the certification)
 * when things go wrong (e.g. the encrypted mail is unreadable in the recipient's MUA, or the certification is imported but never published)


 # $GPGID: your full 40-hex-digit fingerprint; shows a QR code on screen for others to scan
 qrencode -s 20 -o - "$GPGID" | display -


PGP/MIME:
--------

└┬╴multipart/signed; protocol="application/pgp-signature"; micalg=pgp-<digest>
 ├─╴text/plain  (the signed part: CRLF line endings, trailing whitespace protected by quoted-printable)
 └─╴application/pgp-signature attachment [signature.asc]  (detached signature over the first part, MIME headers included)
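Most "BAD signature" reports on otherwise untouched mail come from the first part being altered in transit (CRLF turned into LF, trailing whitespace stripped, lines re-wrapped), which is why the canonical form matters. The following is an added example, not code from the notes, caff, or any MUA: it builds the multipart/signed structure above per RFC 3156, splits it back into the exact bytes a detached signature covers, and lints the signed part for the usual mangling. The boundary and the signature block are constructed placeholders; the micalg value pgp-sha512 is assumed to match the digest preferences in the gpg.conf on this page.

```python
import quopri
import re

# Boundary and signature text are constructed for this example.
BOUNDARY = b"=-=pgpmime-example-boundary=-="
SAMPLE_ARMOR = (b"-----BEGIN PGP SIGNATURE-----\r\n"
                b"\r\n"
                b"(placeholder, not a real signature; gpg --detach-sign --armor makes one)\r\n"
                b"-----END PGP SIGNATURE-----")


def canonical_text_part(text):
    """The text/plain body part exactly as it will be signed (RFC 3156 §3 and §5):
    UTF-8, every line terminated by CRLF, quoted-printable so that trailing
    whitespace and long lines survive mailing-list software and MUAs unchanged."""
    body = b"".join(quopri.encodestring(line.encode("utf-8") + b"\n")
                    for line in text.splitlines())
    body = body.replace(b"\n", b"\r\n")   # quopri writes LF; the wire form is CRLF
    return (b"Content-Type: text/plain; charset=utf-8\r\n"
            + b"Content-Transfer-Encoding: quoted-printable\r\n"
            + b"\r\n" + body)


def multipart_signed(signed_part, signature_armor, micalg=b"pgp-sha512"):
    """Assemble the container (RFC 1847 / RFC 3156 §5).  The CRLF in front of
    each boundary line belongs to the boundary, not to the part before it."""
    return (b"Content-Type: multipart/signed; micalg=" + micalg
            + b'; protocol="application/pgp-signature"; boundary="' + BOUNDARY + b'"\r\n'
            + b"\r\n"
            + b"--" + BOUNDARY + b"\r\n"
            + signed_part
            + b"\r\n--" + BOUNDARY + b"\r\n"
            + b'Content-Type: application/pgp-signature; name="signature.asc"\r\n'
            + b"Content-Description: OpenPGP digital signature\r\n"
            + b"\r\n"
            + signature_armor
            + b"\r\n--" + BOUNDARY + b"--\r\n")


def split_multipart_signed(raw):
    """Recover (signed_part, signature_armor) from the wire bytes.  The signed
    part comes back byte-for-byte: that, MIME headers included, is what the
    detached signature must be verified over."""
    if b"\r\n\r\n" not in raw:
        raise ValueError("no header/body separator")
    head, body = raw.split(b"\r\n\r\n", 1)
    m = re.search(rb'boundary="([^"]+)"', head)
    if m is None:
        raise ValueError("no boundary parameter")
    delim = b"\r\n--" + m.group(1)
    chunks = (b"\r\n" + body).split(delim)    # chunks[0] is the (empty) preamble
    if len(chunks) != 4 or not chunks[3].startswith(b"--"):
        raise ValueError("multipart/signed needs exactly two parts and a closing delimiter")
    parts = []
    for chunk in chunks[1:3]:
        if not chunk.startswith(b"\r\n"):
            raise ValueError("boundary line not terminated by CRLF")
        parts.append(chunk[2:])
    signed_part, signature_part = parts
    sep = signature_part.find(b"\r\n\r\n")
    if sep < 0:
        raise ValueError("signature part has no headers")
    return signed_part, signature_part[sep + 4:]


def lint_signed_part(signed_part):
    """Flag the in-transit changes that most often break PGP/MIME signatures."""
    problems = []
    if re.search(rb"(?<!\r)\n", signed_part):
        problems.append("bare LF line ending (must be CRLF)")
    headers = signed_part.split(b"\r\n\r\n", 1)[0].lower()
    protected = b"quoted-printable" in headers or b"base64" in headers
    if not protected and re.search(rb"[ \t]\r\n", signed_part):
        problems.append("trailing whitespace not protected by quoted-printable or base64")
    return problems


if __name__ == "__main__":
    part = canonical_text_part("Hello \nworld")
    message = multipart_signed(part, SAMPLE_ARMOR)
    signed, armor = split_multipart_signed(message)
    print("signed bytes:", signed)
    print("lint:", lint_signed_part(signed) or "clean")
    print("lint after LF conversion:", lint_signed_part(signed.replace(b"\r\n", b"\n")))
```

The bytes returned by `split_multipart_signed` are what a verifier pipes into `gpg --verify signature.asc -`; if an MUA hands gpg anything else, the signature fails even though nobody tampered with the mail.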



~/.gnupg/gpg.conf
=================

# keyserver over TLS, with the server's CA pinned (ca-cert-file is a gpg 1.4/2.0
# option; GnuPG 2.1+ takes hkp-cacert in dirmngr.conf instead)
keyserver hkps://keys.mayfirst.org
keyserver-options ca-cert-file=/home/dkg/.keys/mfpl.crt
# ignore the "preferred keyserver" URL embedded in keys, so a refresh never
# contacts a host chosen by whoever made the key
keyserver-options no-honor-keyserver-url
# show per-User-ID validity, and don't pop up photo IDs
verify-options no-show-photos show-uid-validity
list-options no-show-photos show-uid-validity
# SHA-2 family for the signatures and certifications you issue; no SHA-1
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
cert-digest-algo SHA512
# preferences written into your own key when generating a key or User ID
# (setpref in --edit-key updates existing ones); correspondents consult these
# when encrypting to you
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
# 64-bit key IDs; 32-bit short IDs have too few values to identify a key
keyid-format 0xlong

# maybe not for everyone:
# prompt for an expiration date on every certification you make
ask-cert-expire
# embed the signing key's full fingerprint in each signature as a notation
# (%g expands to it); the issuer key ID inside a signature is only 64 bits
sig-notation issuer-fpr@notations.openpgp.fifthhorseman.net=%g


## large keyring:
# skip the automatic trustdb rebuild after imports; run gpg --check-trustdb by hand
no-auto-check-trustdb

Followup:
---------

Keysigning

OpenPGP hacking BoF scheduled: 10:00am Friday July 13th, in Roberto Teran: